CirrusHello ,
we have here a ASM for an application which is still in the developing phase.
Learning mode is still working on it since 10 days ago and till now it didnt finished.
My question here is during the learning peroid if any component of the application changes does the learning peroid resets?
Does it resets for the page changes only or for all the app?
Thank you...
CirrusHi,
Do you mean Enforcement Readiness Period or Learning Mode?
The Enforcement Readiness Period is reset every time the configuration is changed or a violation is triggered for a staged item.
If you change a component on the web application, ASM is not aware of this until you change your ASM policy accordingly. And by changing the ASM policy, the Enforcement Readiness Period is reset.
Martijn.
CirrusHello Martijin,
Can you please explain me what is the difference between the learning peroid and the ERP one?
Thank you..
CirrusIn Learning Mode ASM adapts the security policy so we can prevent false positives. This is called Policy Building. Learning Suggestions are created which you can Accept, Delete or Ignore.
If we talk about Enforcement Readiness Period we talk about staging. For example Signature Staging. If you have Signatures configured in your ASM policy and your ERP is 7 days, Signatures which did not trigger a violation within those 7 days are set to Ready to Enforce. You can choose to enable those signatures.
I would advise you to follow the instructor led ASM training.
CirrostratusHi,
Do you mean Enforcement Readiness Period or Learning Mode?
The Enforcement Readiness Period is reset every time the configuration is changed or a violation is triggered for a staged item.
If you change a component on the web application, ASM is not aware of this until you change your ASM policy accordingly. And by changing the ASM policy, the Enforcement Readiness Period is reset.
Martijn.
CirrusHello Martijin,
Can you please explain me what is the difference between the learning peroid and the ERP one?
Thank you..
CirrostratusIn Learning Mode ASM adapts the security policy so we can prevent false positives. This is called Policy Building. Learning Suggestions are created which you can Accept, Delete or Ignore.
If we talk about Enforcement Readiness Period we talk about staging. For example Signature Staging. If you have Signatures configured in your ASM policy and your ERP is 7 days, Signatures which did not trigger a violation within those 7 days are set to Ready to Enforce. You can choose to enable those signatures.
I would advise you to follow the instructor led ASM training.