Forum Discussion

Wasfi_182818's avatar
Wasfi_182818
Icon for Nimbostratus rankNimbostratus
May 31, 2016

Accepting an attack signature then reversing the action

Hi;

 

If a junior admin accepted a learnt attack signature, thinking it is a false positive, then the senior admin decides to "un-accept" it as he recognized that it is not a false positive. How can the "accepted" signatures be located to be "un-accepted". is there a list of accepted attack signatures.

 

Kindly Wasfi

 

ASM Advanced WAF
security
  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    May 31, 2016

    Hi,

     

    You can check the signature that have been accepted in the history of the security policy under "Policy >> History" and "Policy >> Audit".

     

    Then, you can then restore a previous version of the security policy (history menu) or go to the specific section where the user has accepted a signature (URL, Parameter)

     

  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    May 31, 2016

    Hi,

     

    You can check the signature that have been accepted in the history of the security policy under "Policy >> History" and "Policy >> Audit".

     

    Then, you can then restore a previous version of the security policy (history menu) or go to the specific section where the user has accepted a signature (URL, Parameter)

     

  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    Icon for Nacreous rankNacreous
    May 31, 2016

    Hi,

     

    You can check the signature that have been accepted in the history of the security policy under "Policy >> History" and "Policy >> Audit".

     

    Then, you can then restore a previous version of the security policy (history menu) or go to the specific section where the user has accepted a signature (URL, Parameter)