Forum Discussion

SSHSSH_97332's avatar
SSHSSH_97332
Icon for Nimbostratus rankNimbostratus
Jan 24, 2012

SQL Injection at a demo

Through a ASM demo , i wanted to simulate SQL injection attakec to show the customer Logs & reports . buit i found that attack was not detected ( even i used all attack signatures at the policy ) i t...
app sec
BIG-IP Access Policy Manager (APM)
security
nathe's avatar
nathe
Icon for Cirrocumulus rankCirrocumulus
Jan 26, 2012
SSHSSH

 

 

You can check a couple of ways to see if a sig is in staging. Firstly, go to Attack Signatures on the left hand menu and then select Policy Attack Signatures. This will show all the signatures for the selected web application. If you change the filter to Custom you should be able to select In Staging - Yes and this will list all sigs within this web app that are in staging.

 

 

Second way is under Policy Building - click on Manual and I believe under the Traffic Learning section if you have sigs in staging you will have a link called "Attack signature staging" - if you click on this it will show up details of violations triggered against sigs in staging.

 

 

This is 9.4.8 ASM so may be slightly different depending on your version.

 

 

Hope this helps.

 

 

N