Forum Discussion
CirrusAdd Systems signature to an existing ASM policy
Ok I think I got it now.
First if my doubt about the different results with my previous filtering example on Wordpress was because OS has available Wordpress signatures (Security ›› Options : Application Security : Attack Signatures : Attack Signature List) and they were not applied to the policy (Security ›› Application Security : Attack Signatures). Correct?
Secondly I succesfully managed to update the signatures applied to a policy without rebuilding from scratch. For the record:
1/ Go in Security ›› Application Security : Policy Building : Learning and Blocking Settings to update policy signatures applied and click on the Signature set to update:
2/ Do required changes including the name of Signature set and click Update (here only PHP for the example):
3/ Check changes
I think this make the trick thanks all to your help but do you validate this method?
Thank you very much!
CirrusHi Tzoori,
Thanks for your reply. I precise I'm using version 12 and in fact what you suggest to do is what I intend to do as well but something made me doubt. Let me explain.
If I filter among all the available System signatures on the System (Security ›› Options : Application Security : Attack Signatures : Attack Signature List), and for instance I filter on WordPress I get below results:
But if I do the same on one policy I'd like to update (Security ›› Application Security : Attack Signatures), no result at all is returned whereas I use the same filter:
Do you have an explanation?
Thanks again.
