Mike_Maher
Feb 17, 2011Nimbostratus
ASM Policy Blocking
So I am currently trying to determine what is best blocked at the ASM and what to allow to pass to the application security layer. So I realize that some of the blocks at ASM are subjective to what type of application you are protecting and what technologies are deployed within the application. Obviously I would not need turn on any XML checks if there is no XML in the application. So I guess what I am looking for is does anyone have any opinion on what checks should we enable no matter what. My thought were the following and wanted to see if anyone had anything to add or a process they use to handle this. By the way I am running 10.2.
All the RFC-Violations
CSRF Attack Detected
Illegal File Type
Illegal Method
Illegal URL
Illegal Meta-Character in the URL
Failed to convert character
Web Scraping Detected
ASM Cookie Hijacking
Modified ASM Cookie
Attack Signature Detected