Does anyone have any links or knowledge around converting YARA and/or SNORT rules into ASM/AWAF custom signatures? Using 15.1.5 at the moment but was curious if this has been successful. I've seen this with AFM but not with ASM/AWAF:
Any help is greatly appreciated!
Hi, there's a section in "Attack Signatures" database menu that allows you to create default WAF signatures. From "Advanced" options you can use SNORT syntax as well.
I'm going by memory, but it should be something like Security/Options/Application Security/Attack Singatures/Attack Signature List , then "create". (from the environents I manage I see that this menu keeps changing position in major versions ... hope I'm right 😄 )