Question Regarding ASM,when creating policy automatically
Since I am new to ASM,i have few question regarding policy creations.Please let me know answers of below question & request to correct me if i am wrong anywhere in questions.Thanks..
if i am creating policy automatically then, 1.keeping policy in transparent mode.. once enforcement period is over then i can keep policy directly to blocking mode or i need to work on violations manually?? 2.requires to create any logging profile for the policy?? is it compulsory to create logging profile?? 3. how will i come to know to what extent my application is secure for the created policy. 4.shall i need to add more signature in attack signature configuration options despite of system already choosed signature while selecting details like OS,application type & laguage used when creating the policy.