Importing WebInspect vulnerabilities into ASM

WebInspect (currently 10.20) offers several XML outputs, so I am assuming that the F5 import tool is only expecting one of those. The F5 manual many need a listing of the acceptable, or expected schema, exports from the various vendor scanners. For example, WebInspect 10.xx "recently" added an Export to WAF option. This new XML output is different from the classic "Full" export that WebInspect has had for a decade. I suspect it is the Full export that your import function is expecting, which could explain the error you had in importing. WebInspect Option 1: File menu > Export > Scan Details > "Full" WebInspect Option 2: File menu > Export > "Protection Rules to Web Application Firewall" You might also find answers on the HP WebInspect public user forums here: http://h30499.www3.hp.com/t5/HP-Application-Security-Center/ct-p/sws-sc01 Here is a guide: http://h30499.www3.hp.com/t5/Fortify-Application-Security/HP-WebInspect-and-F5-Integration/ba-p/6413212.U9pFv2OTFVI Starting in 2014, there is also a private, customer-only set of WebInspect forums here: https://protect724.arcsight.com/