Forum Discussion
2 Replies
- samstepCirrocumulus
Yes, ASM is capable of this functionality using Policy Export/Import function if you choose XML Export/Import.
AskF5 Knowledgebase solution SOL12619 has the schema information.
https://support.f5.com/kb/en-us/solutions/public/12000/600/sol12619.html
In addition to this ASM is capable of importing vulnerability scanner reports XML files and create security policy automatically mitigating the vulnerabilities.
ASM support XML reports produced by WhiteHat, Cenzic (now TrustWave), HP WebInspect and IBM AppScan. Additionally there is a "Generic Scanner" schema you can use - described in ASM manual here:
https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-getting-started-11-5-0/4.htm
Hope this helps,
Sam
- climb74_220480Nimbostratus
Thanks for the help, but what I'm looking for is if I can take a schema of the web application I am trying to secure and populate the parameters, urls, etc from that schema through uploading the developer's xml schema.