Azure Out Of Date Owasp Rules
Description
Detects Azure Application Gateway WAF policies that are using outdated OWASP rule sets (versions below 3.2). Outdated OWASP rules may not protect against newer web application vulnerabilities and attacks, potentially leaving applications exposed to security threats.
Detection Strategy
• WAF policy is using OWASP rule set type
• OWASP rule set version is older than version 3.2
• WAF policy is attached to at least one Application Gateway
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.