For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Victor_A__Pinto's avatar
Victor_A__Pinto
Icon for Nimbostratus rankNimbostratus
May 16, 2020

Making Policy with Vulnerability assessment tool, it's possible?

Hello everyone!   I would like to know if anyone has created a security policy base on a vulnerability scanner? In my case, I am reviewing the ASM documentation and I find an option that says: "Sec...
ASM Advanced WAF
security
Ivan_Chernenkii's avatar
Ivan_Chernenkii
Icon for Employee rankEmployee
May 19, 2020

You need to do next:

  1. Select Vulnerability Assessment Tool on "Security ›› Application Security : Vulnerability Assessments : Settings" page. As there is no OWASP ZAP, then you need to select Generic Scanner
  2. Download Generic Schema to use it in your scanner's configuration
  3. Scan application with you scanner
  4. Import resulted report to ASM on "Security ›› Application Security : Vulnerability Assessments : Vulnerabilities" page

 

Thanks, Ivan

  • Victor_A__Pinto's avatar
    Victor_A__Pinto
    Icon for Nimbostratus rankNimbostratus
    May 20, 2020

    Thanks Ivan,

    try to upload the file as generated by ASM but it apparently doesn't work with OWASP ZAP.

    Thanks a lot

     

    • Ivan_Chernenkii's avatar
      Ivan_Chernenkii
      Icon for Employee rankEmployee
      May 20, 2020

      So, you are not able to use xsd schema from ASM in your scanner?