May 30, 2024

Attack Analysis - ASM

Hello Everybody,


This is for F5 ASM. Recently, while tracing a support ID, we came to know that a user request was blocked due to a suspected SQL injection attack; for another support ID, it was blocked due to a suspected cross-site scripting attack. I am using the word "suspected" as we were unable to find whether these were really attacks or just false positive incidents.


Stuck on how to analyse whether an attack is genuine or a false one. In other words, I am looking for a keyword, maybe in either the request or the response, which can clearly indicate that it's a malicious hit only.




