Manual to Atomatic

I inherited an ASM with about 300 Web Apps using the same transparent policy using only the generic signature set. There are another 300 that need ASM protections. I mention the number of applications to emphasis they all cannot have an individual policy due to resource limitations. All Web Apps are on the common partition.

 

Our methodology is to onboard to a transparent policy, tune it, export it, modify the policy name in the export, import it, and finally assign it to a web app.

 

In January we decided to create a "loose" one size fits all policy managed manually. I created individual manual signature sets based on attack type, using high accuracy and medium to high risk. As the number of onboarded web apps grows policy tuning is becoming increasingly difficult.

 

My question, Is there downside if we change the transparent policy from manual to automatic?

 

Thanks,