cancel
Showing results for 
Search instead for 
Did you mean: 

Should ASM/WAF Be Implemented for a Temporary Static Notification Content Page

t_dub82
Nimbostratus
Nimbostratus

We have an application that no longer exists. A static page has been created (which will be up for 90 days) to tell the users that it no longer exists. Is there any best practice to whether the ASM/WAF base policy should or shouldn't be applied to this temporary VIP?

2 REPLIES 2

cjunior
Nacreous
Nacreous

As far as I know, it depends on how the service is hosted or the platform or a known issue on it.

You may not be vulnerable to a command injection because site is static.

But is possible to be vulnerable to command execution, poisoning, tampering, etc.

So, yes, I would apply a policy there t least based on a platform.

 

Regards.

Okay thanks for the information. Tomara Watkins, BSBA MBA ODJFS/OIS/IT Governance and Risk Management Desk Phone: (614) 387-8162 Service Desk: (614) 466-0978 stateofohio.service-now.com/ess Email: tomara.watkins@jfs.ohio.gov ONE TEAM, inspiring each other to embrace INNOVATION; Deliver VALUE-ADDED services; and create DIGITAL BUSINESS solutions