automatization
1 Topic
Best way to let developers adjust ASM policy
Hello Everyone, Intro: Behind our F5's we have multiple web servers managed be different dev teams with different security levels and also working with different technologies. I'd like to ask you, based on your practical experience, what is the best way to adjust ASM policy to current Release of the web application? I know there is learning mode and also we do have test env., but you might test how long you want and you will never caught all possible causes and so in PROD env. you will have to solve quite lot ASM issues (ilegal parameter type, ilegal URL ... etc). Is there any way to offer developers some page/script/scantool/iApp that would help them to adjust ASM policy by them self? If yes which one is prefered way? Or shall I just developed one (shouldn't be hard just couple of forms saving result in .xml)? I don't beleive I'm only one with this needs/question. Thank you. YSolved428Views0likes5Comments