SUPPORT

Contact Support

OPEN A TICKET

Generating Imperva SecureSphere WAF Rules from Netsparker Standard

SecureSphere from Imperva is cyber security software that contains web, database and file security. SecureSphere protects websites from attacks using a set of predefined policies, including custom policies. It allows or blocks requests according to these policies.

If you can't immediately fix all vulnerabilities that Netsparker has detected, you can cover them up and defer fixing them until another time. You can do this by exporting Netsparker's findings as rules for Imperva SecureSphere WAF.

After you import the rules, the Imperva SecureSphere WAF will then block any requests made by malicious hackers.

For further information, see Web Application Firewalls.

Imperva SecureSphere WAF Fields

The table lists and describes the Imperva SecureSphere WAF fields in the Web Application Firewall tab.

Field

Description

Display Name

This is the name of the configuration that will be shown in menus.

Mandatory

This section contains fields that must be completed.

URL

This is the Imperva SecureSphere instance URL.

Username

This is the name of the user.

Password

This is the password of the user or the personal access token.

Site Name

This is the site name.

Server Group Name

This is the server group name.

Web Service Name

This is the web service name.

How to Configure Imperva SecureSphere WAF Rules in Netsparker Standard

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Web Application Firewall.

  1. From the Add dropdown, select SecureSphere. The SecureSpherefields are displayed.

  1. In the Mandatory section, complete the connection details:
    • URL
    • Username
    • Password
    • Site Name
    • Server Group Name
    • Web Service Name
  2. Click Test Settings to confirm that Netsparker Standard can connect to the configured system and validate the configuration details. The WAF Settings Test dialog is displayed to confirm that the settings have been validated.

How to Generate Imperva SecureSphere WAF Rules from Netsparker Standard Scan Results

  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Doubleclick the relevant scan to display its results.

  1. In the Issues panel, right click the vulnerability you want to export and select SecureSphere WAF Rules. (Alternatively, from the ribbon, click the Vulnerability tab, then SecureSphere WAF Rules.) A confirmation message and link is displayed at the bottom of the screen.

  1. Click the SecureSphere rule is created for the selected vulnerability. link.
  2. The rule is automatically created in the SecureSphere WAF. You can view it in SecureSphere WAF’s Policy tab.
  3. To retest the vulnerability from the ribbon in Netsparker Standard, click the Vulnerability tab, then Retest. If the WAF blocks the request, the status code of the response is '403-Forbidden' and Netsparker will display a message: Vulnerability seems to be fixed and removed from the report.
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO