Forum Discussion
modified domain cookies
- Sep 01, 2022
how to know if it is false positive or not? note that, i'm not the owner of the secured application
Thats the worst condition to maintain an security policy. But I feel you. Since we have the same situation at our DC. Without having a clue whats going on at the application you should not enforce the cookies or other settings like parameter. Cause u dont know what cookie/parameter is correct, how often there will be a change and so on.
You have two choices.
A) Get in touch with the application devs and set up all together (parameter, cookies, urls, etc) then u have a good secured policy
B) Go with wildcard for parameter, url and cookies, etc. dont learn them just accept them and only do attack signatures of them.
how to know if it is false positive or not? note that, i'm not the owner of the secured application
Thats the worst condition to maintain an security policy. But I feel you. Since we have the same situation at our DC. Without having a clue whats going on at the application you should not enforce the cookies or other settings like parameter. Cause u dont know what cookie/parameter is correct, how often there will be a change and so on.
You have two choices.
A) Get in touch with the application devs and set up all together (parameter, cookies, urls, etc) then u have a good secured policy
B) Go with wildcard for parameter, url and cookies, etc. dont learn them just accept them and only do attack signatures of them.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com