Forum Discussion

Mario_Franco's avatar
Icon for Altocumulus rankAltocumulus
Apr 16, 2024

ASM - Parent policy vs OWASPcompliance

Hi folks,

I am implementing a WAF in my company and I would like to work with parent and child policies. This way, if we need to add something in general, I can apply it to the parent policy and it will replicate this change to the child policies, instead of going one by one and applying it individually. However, I found out that "Parent and Child Security Policies are not supported by the OWASP Top 10 compliance dashboard."

So, I would like to know what the best approach is. Is it worth going ahead with the parent and child policies and ignore the OWASP compliance dashboard? Or, in terms of security, is it better to create a normal ASM policy without parent or child relationships?

No RepliesBe the first to reply