Forum Discussion
2 Replies
Sort By
- Erik_NovakEmployee
Can you share the violation which cannot be learned? There are quite a few violations for which learning would not make any sense--Illegal Status in HTTP Response, Modified ASM Cookie, and Non-RFC request are a few of these types.
- Erik_NovakEmployee
That parameter is mostly likely learned and added to the policy. Is it acceptable to place it in staging? That would stop the block action, but would also leave it potentially vulnerable. What type of parameter is it--would it be safe to not apply attack signatures to it, for example?