Forum Discussion
Seçkin
Cirrus
CirrusASM Attack Signature Sets
Hello everyone, Do you have any recommendation which attach signatures set should be added to the policy as a best practice? I mean except it has been added by Server Technologies. For example, do i ...
If your application relies on a back-end SQL DB then yes, you should add the SQL Injection signature sets to secure it. It sounds like Server Technologies are being automatically detected and added your policy. That's good because all you really need are the attack signatures for the OS, web server, application framework, and database which match your environment. This means you won't have to manage violations triggered by attack signatures which are not related to your infrastructure. Make sense?
Erik_Novak
Employee
EmployeeIf your application relies on a back-end SQL DB then yes, you should add the SQL Injection signature sets to secure it. It sounds like Server Technologies are being automatically detected and added your policy. That's good because all you really need are the attack signatures for the OS, web server, application framework, and database which match your environment. This means you won't have to manage violations triggered by attack signatures which are not related to your infrastructure. Make sense?
SeçkinCirrus
CirrusThanks Erik! Yes Server technologies are automatically added to the policy with some signature sets as you know. By default, Generic Attach Signatures are already added and prevent some set of attacks such sql injection but also there is another set of signatures on the Change button and SQL Injection Signatures. Question is that, do i need to add these signatures to the policy, because default added generic attack signatures already blocked those types of attacks as i know.