Forum Discussion
NimbostratusAnyone with experience deploying ASM in blocking mode for a product called Powerschool?
We've recently started exploring use of ASM to better protect some of our applications. One of the most important ones we're focusing on is one called Powerschool.
I've currently got a policy set up in a transparent state to review what is caught during this learning period and so far there is an enormous amount of false positives coming in. Powerschool hasn't been very helpful when I've reached out to them.
I'm concerned about turning this into a blocking state since it looks like it will likely break a lot of functions.
samstepCirrocumulus
This appears to be education-sector-specific product, I am guessing most people on this forum(like myself) come from the business side, so unable to help directly.
You need to understand the application's technology, so you could map it to correct attack signatures, e.g. is it a .NET application, a Java application, a PHP application? What kind of auto-learnt things are throwing false positives? Attack signatures? Parameters? URLs? HTTP protocol compliance? Has this product been penetration-tested, do you have a pen-test report or a list of known security vulnerabilities?