Forum Discussion

Randy_Toombs
May 11, 2018

OWASP Top 10 Signature Set

Is there a default OWASP Top 10 signature set or has anyone created one that works? I am looking for an easy way to add all signatures to address the OWASP Top 10. Maybe I just don't understand, but I keep getting asked to just protect against the OWASP Top 10 and I am still learning so maybe I am missing something on this.


2 Replies

  • The OWASP Top Ten lists vulnerabilities which can be generalized for most web application infrastructures. ASM doesn't offer attack signatures for the "OWASP Top Ten" exactly. When you build your policy, you need to specify the system(s) that are appropriate for your environment. For example, you might select Unix/Linux, Apache, PHP, and MySQL. By providing this info, ASM will apply attack signatures that are relevant to your operating system, framework, DB, and other elements of your enterprise. So, if you chose MySQL, you will get all of the attack signatures which match patterns for SQL injection--loosely defined as "Injection Attacks" by OWASP. It is also possible that not all of the OWASP vulnerabilities exist in your app(s). A recommended approach is to understand which vulnerabilities exist, and then tailor ASM to mitigate those vulnerabilities. Make sense?