Handle False Positive for files upload
Hi folks,
I'm wondering how to handle uploading files through XC. For example, I have a URL used for uploading files to a web application, say /upload.
The files appear to be scanned by XC which detects and triggers many attack signatures. According to my tests they are all false positives. A concrete example of trigered signature:
The habit I had on ASM was to disable problematic signatures on this type of URL.
Is there a more relevant way to handle these cases on XC?
Many thanks.
Yes, the reocmmendation is to leave it "enabled" ( the feature is enabled in the default policy ).
Regarding the comment "lowered the level of protection against SQL Injection type attacks" , could you please open a support ticket with the details ? We will review and make improvements as needed to the model