Forum Discussion
Erik_Novak
Aug 28, 2020Employee
You are correct. You can indeed amend an existing policy, not created afresh, and not created by a 3rd-party vulnerability scanner such as WhiteHat. To be clear: WhiteHat will not "fully manage" the policy. WhiteHat will provide you with an XML file that contains a vulnerability assessment. You can import this file into any security policy--after you select WhiteHat as the vulnerability assessment tool. Then you can use ASM to resolve vulnerabilities reported by WhiteHat. I think the misunderstanding may be that once you select the vulnerability assessment tool, you cannot change it later--you can't mix multiple scanner outputs such as WhiteHat, Qualys, WebInspect, etc. within the same policy. Make sense?
- Mohamed_LrhaziAug 29, 2020Altocumulus
Makes sense. Thanks a lot Erik!