Lightboard Lessons: OWASP Top 10 - Insecure Deserialization
Updated May 10, 2022
Version 2.0
Hi sachin...great question! The ASM handles Insecure Deserialization mostly through attack signatures. So, it should catch these attempts as a normal part of the way it functions no matter which type of policy you create. Just make sure the standard attack signatures are enabled (which they are by default on any policy). A few examples of signatures that catch Insecure Deserialization attempts are:
Hope this helps!