Forum Discussion

paul_dawson_258

Icon for Nimbostratus rank

Nimbostratus

Jun 01, 2016

SQL Injection marked as informational

Hi Guys,

I'm not sure why but ASM is picking up the attack signature as SQL Injection but marking it as informational. Any ideas?

ASM Advanced WAF

Erik_Novak
Employee
Jun 01, 2016
If you go to Security>>Options: Application Security: Advanced Configuration: Violations List, what is the severity level assigned to Attack Signatures? You can click on Attack Signatures to see it.
nathe
Cirrocumulus
Jun 01, 2016
Paul,

Is the Request Informational because it's a legal request i.e. the Green Tick. This would suggest the signature(s) are in Staging. Once out of Staging the request becomes Illegal and the Severity should change accordingly.

N

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming