coda6_52611
Feb 23, 2009Nimbostratus
ASM and XSS
We had our website security audited recently with it sitting behind our 6400 with an ASM. The ASM was configured and had been learning for a few months and we turned to finally start blocking attacks and had some XSS attempts get through. We checked our settings and I found that XSS wa addressed and supposedly blocked in our Generic Detection Signatures. At least it's my understanding that these signatures are being used since they are referenced in our Policy Attack Signature Set.
The question we have is, do we need to turn something else on to blick these attacks or does Ziv need to come back out and work on our ASM?
Thanks,
Ken