Check1t_282465
Dec 13, 2017Nimbostratus
ASM Policy Allow traversal detection evasion only for specific URL
Our application is flagging legitimate requests for directory traversals. Learning option is to allow for application. Is it possible to allow for just one URL? For example, if I were to create a wildcard parameter, specify URL, and under attack signatures select those taht are traversal related, would that work? As the alerted event does not specify specific attack signatures, not sure. Any thoughts or suggestions would be appreciated. Thank you.