Forum Discussion

Wasfi_182818's avatar
Wasfi_182818
Icon for Nimbostratus rankNimbostratus
May 31, 2016

Accepting an attack signature then reversing the action

Hi;

 

If a junior admin accepted a learnt attack signature, thinking it is a false positive, then the senior admin decides to "un-accept" it as he recognized that it is not a false positive. How can the "accepted" signatures be located to be "un-accepted". is there a list of accepted attack signatures.

 

Kindly Wasfi

 

  • Hi,

     

    You can check the signature that have been accepted in the history of the security policy under "Policy >> History" and "Policy >> Audit".

     

    Then, you can then restore a previous version of the security policy (history menu) or go to the specific section where the user has accepted a signature (URL, Parameter)

     

  • Hi,

     

    You can check the signature that have been accepted in the history of the security policy under "Policy >> History" and "Policy >> Audit".

     

    Then, you can then restore a previous version of the security policy (history menu) or go to the specific section where the user has accepted a signature (URL, Parameter)

     

  • Hi,

     

    You can check the signature that have been accepted in the history of the security policy under "Policy >> History" and "Policy >> Audit".

     

    Then, you can then restore a previous version of the security policy (history menu) or go to the specific section where the user has accepted a signature (URL, Parameter)