NimbostratusHi, when i'm creating a security policy, attack signature is auto assigned based on the selected systems assigned.
It have other attack signature e.g. Cross Site Scripting, SQL Injection & etc. Do it need to manually add them in? What are the best recommended practice?
EmployeeHi Boon, don't hesitate to have a look to this great do, maybe you'll find some help : https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/f5-asm-operations-guide.html.
Quick comment on your question, when you created the security policy, during the wizard, ASM asked you to configure Attack signatures. In this step ASM proposed you various signature organized as system-set based on OS/application framework/language/DB. If during this steps you have selected SQL you already have in your policy injection related signatures.
the menu you display here is just another way to present signatures not system related but attack oriented.
What you could do first, is move the to second tab, attack signature list, which displays applied signatures to your policy, and filter based on "signature attack types", you will be able to see if signatures are already applied.