For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Victor_A__Pinto's avatar
Victor_A__Pinto
Icon for Nimbostratus rankNimbostratus
May 16, 2020

Making Policy with Vulnerability assessment tool, it's possible?

Hello everyone!   I would like to know if anyone has created a security policy base on a vulnerability scanner? In my case, I am reviewing the ASM documentation and I find an option that says: "Sec...
ASM Advanced WAF
security
Ivan_Chernenkii's avatar
Ivan_Chernenkii
Icon for Employee rankEmployee
May 19, 2020

You need to do next:

  1. Select Vulnerability Assessment Tool on "Security ›› Application Security : Vulnerability Assessments : Settings" page. As there is no OWASP ZAP, then you need to select Generic Scanner
  2. Download Generic Schema to use it in your scanner's configuration
  3. Scan application with you scanner
  4. Import resulted report to ASM on "Security ›› Application Security : Vulnerability Assessments : Vulnerabilities" page

 

Thanks, Ivan

Victor_A__Pinto's avatar
Victor_A__Pinto
Icon for Nimbostratus rankNimbostratus
May 20, 2020

Thanks Ivan,

try to upload the file as generated by ASM but it apparently doesn't work with OWASP ZAP.

Thanks a lot

 

  • Ivan_Chernenkii's avatar
    Ivan_Chernenkii
    Icon for Employee rankEmployee
    May 20, 2020

    So, you are not able to use xsd schema from ASM in your scanner?