
Generating FortiWeb WAF Rules from Netsparker Standard

FortiWeb protects web applications from attacks that target known and unknown vulnerabilities. FortiWeb takes a comprehensive approach to protecting Web applications, including IP reputation, DDoS protection, protocol validation, application attack signatures, bot mitigation, and more to defend your application against a wide range of threats, including the OWASP Top 10.

If you cannot immediately fix every vulnerability that Netsparker has detected, you can shield the vulnerable requests at the WAF and defer the code fix until later. This is done by exporting Netsparker's findings as rules for the FortiWeb WAF.

This topic explains how to configure Netsparker Standard to send a detected vulnerability to FortiWeb WAF.

For further information, see Web Application Firewalls.

FortiWeb WAF Fields

The table lists and describes the FortiWeb WAF fields in the Web Application Firewall tab.

| Field | Description |
|---|---|
| Display Name | The name of the configuration as it is shown on menus. |
| Mandatory | This section contains the fields that must be completed. |
| Server Address | The name or IP address of the FortiWeb server, starting with http or https and including a port value. The default port value is 90. |
| Username | The username used to connect to FortiWeb. |
| Password | The password of that user. |
| Policy Name | The name of the FortiWeb policy. |
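The Server Address field has a fixed shape (an http or https URL that names a port, with 90 as the default). The helper below is an added example, not Netsparker or FortiWeb code, that applies those requirements to a candidate value before it is saved: it rejects values without an http/https scheme, rejects credentials embedded in the URL (they belong in the Username and Password fields), fills in port 90 when no port is given, and returns a canonical form. The function name and all sample addresses are constructed for illustration.

```python
from urllib.parse import urlsplit

# Default port for the FortiWeb server address, as stated on this page.
DEFAULT_FORTIWEB_PORT = 90


def normalize_server_address(value: str) -> str:
    """Return a canonical scheme://host:port form of a Server Address value.

    Raises ValueError when the value does not meet the field's requirements:
    it must start with http or https, name a host, carry no embedded
    credentials, and use a numeric port (port 90 is assumed when absent).
    Hypothetical helper added for this example.
    """
    parts = urlsplit(value.strip())
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"server address must start with http:// or https://: {value!r}")
    if not parts.hostname:
        raise ValueError(f"server address has no host: {value!r}")
    if parts.username or parts.password:
        # Credentials go in the separate Username/Password fields, never in the URL.
        raise ValueError("do not embed credentials in the server address")
    try:
        port = parts.port  # urlsplit raises ValueError for a non-numeric port
    except ValueError as exc:
        raise ValueError(f"invalid port in server address: {value!r}") from exc
    if port is None:
        port = DEFAULT_FORTIWEB_PORT
    host = parts.hostname  # already lower-cased by urlsplit
    if ":" in host:
        host = f"[{host}]"  # re-bracket IPv6 literals
    return f"{parts.scheme}://{host}:{port}"


def is_valid_server_address(value: str) -> bool:
    """True when normalize_server_address accepts the value."""
    try:
        normalize_server_address(value)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample values.
    for candidate in ("https://fortiweb.example:90", "http://10.0.0.5", "fortiweb.example:90"):
        print(candidate, "->", normalize_server_address(candidate) if is_valid_server_address(candidate) else "rejected")
```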

How to Configure FortiWeb WAF Rules in Netsparker Standard

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Web Application Firewall.
  4. From the Add dropdown, select FortiWeb. The FortiWeb fields are displayed.
  5. In the Mandatory section, complete the connection details:
    • Server Address
    • Username
    • Password
    • Policy Name
    For information on the Policy, see Configuring an HTTP server policy and Configuring a protection profile for inline topologies.
  6. Click Test Settings to confirm that Netsparker Standard can connect to the configured system and validate the configuration details. The WAF Settings Test dialog is displayed to confirm that the settings have been validated.

How to Generate FortiWeb WAF Rules from Netsparker Standard Scan Results

  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results.
  3. In the Issues panel, right-click the vulnerability you want to export and select FortiWeb WAF Rules. (Alternatively, from the ribbon, click the Vulnerability tab, then FortiWeb WAF Rules.) A confirmation message and link is displayed at the bottom of the screen.
  4. Click the FortiWeb rule is created for the selected vulnerability link.
  5. The rule is automatically created in the FortiWeb WAF. You can view it in FortiWeb WAF's Custom Policy menu in the Custom Rules tab.
  6. To retest the vulnerability from the ribbon in Netsparker Standard, click the Vulnerability tab, then Retest. If the WAF blocks the request, the status code of the response is '403-Forbidden' and Netsparker displays the message: Vulnerability seems to be fixed and removed from the report.

Because FortiWeb does not provide an option to match on the request body, the rule Netsparker generates matches on the request method and URL only. As a result, non-vulnerable requests that use the same method and URL are blocked as well.
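The retest behaviour and the over-blocking caveat above are easy to reason about once the generated rule is written down. The following is an added example, not Netsparker or FortiWeb code: it models a rule that keys on method and URL only (what this page says gets exported), runs a constructed set of requests through it, and shows both outcomes the page describes: the retest of the finding returns 403 and is reported as fixed, and a legitimate request to the same method and URL is blocked too. A body-aware rule is included only for contrast, to make the false-positive cost visible; the page states that FortiWeb offers no such option. All class names, URLs and request samples are constructed for illustration.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Request:
    method: str
    url: str
    body: str = ""
    is_attack: bool = False  # ground-truth label for evaluation only; the WAF never sees it


def _norm_url(url: str) -> tuple:
    """Compare URLs on scheme, host, path and query, ignoring case of scheme/host and any fragment."""
    p = urlsplit(url)
    return (p.scheme.lower(), p.netloc.lower(), p.path or "/", p.query)


@dataclass(frozen=True)
class MethodUrlRule:
    """Shape of the rule the page says Netsparker generates: method + URL, no body condition."""
    method: str
    url: str

    @classmethod
    def from_finding(cls, finding: Request) -> "MethodUrlRule":
        return cls(finding.method.upper(), finding.url)

    def matches(self, req: Request) -> bool:
        return req.method.upper() == self.method and _norm_url(req.url) == _norm_url(self.url)


@dataclass(frozen=True)
class BodyAwareRule(MethodUrlRule):
    """For contrast only: also requires a body fragment. Not what the FortiWeb export produces."""
    body_marker: str = ""

    def matches(self, req: Request) -> bool:
        return super().matches(req) and self.body_marker in req.body


def waf_status(rules, req: Request) -> int:
    """403 when any rule matches (the WAF blocks); otherwise the request passes through (200)."""
    return 403 if any(r.matches(req) for r in rules) else 200


def classify_retest(status: int) -> str:
    """Mirror the page's retest logic: a 403 means the WAF blocked the request and
    Netsparker reports the vulnerability as fixed."""
    return "seems fixed (blocked by WAF)" if status == 403 else "still reachable"


def overblocked(rules, traffic) -> list:
    """Benign requests the rule set also blocks: the false-positive cost of a method+URL rule."""
    return [r for r in traffic if not r.is_attack and waf_status(rules, r) == 403]


# Constructed sample: the finding that was exported, plus ordinary traffic to the same site.
FINDING = Request("POST", "https://shop.example/login", body="user=<constructed attack payload>", is_attack=True)
TRAFFIC = [
    FINDING,
    Request("POST", "https://shop.example/login", body="user=alice&pass=secret"),  # legitimate login, same method+URL
    Request("GET", "https://shop.example/login"),                                  # different method: passes
    Request("POST", "https://shop.example/search", body="q=boots"),                # different URL: passes
]
EXPORTED_RULE = MethodUrlRule.from_finding(FINDING)


def demo() -> dict:
    """Run the retest and the over-blocking check; results are returned so they can be asserted on."""
    retest = classify_retest(waf_status([EXPORTED_RULE], FINDING))
    blocked_benign = [r.body for r in overblocked([EXPORTED_RULE], TRAFFIC)]
    body_rule = BodyAwareRule(EXPORTED_RULE.method, EXPORTED_RULE.url, "<constructed attack payload>")
    blocked_benign_body_rule = [r.body for r in overblocked([body_rule], TRAFFIC)]
    return {
        "retest": retest,
        "benign_blocked_by_exported_rule": blocked_benign,
        "benign_blocked_by_body_aware_rule": blocked_benign_body_rule,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the demo shows the exported rule blocking the finding (retest reports it as fixed) and also blocking the legitimate login, while the contrast rule blocks only the finding. In practice this means a generated FortiWeb rule for a POST endpoint that real users need should be treated as a short-lived stopgap, with the rule removed once the application fix is deployed.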