FortiWeb
A FortiWeb can be configured to join a Security Fabric through the root or downstream FortiGate.
shafiq23
Staff & Editor
Article Id 415752
Description This article describes how to configure Automation to send an alert email when an OWASP Top 10 category is matched in the attack log.
Scope FortiWeb.
Solution

When a signature is triggered or any other relevant attack log is generated, it includes OWASP Top 10 categories such as:

 

  • A01:2021-Broken Access Control
  • A02:2021-Cryptographic Failures
  • A03:2021-Injection

 


 

A Security Fabric Automation stitch can use the attack log to send an alert through email services or a Teams notification, or to initiate a CLI script.

 

Refer to the FortiWeb Administration Guide for more information regarding Automation Actions configuration: Creating an action

 

Automation stitch configuration:

Create a new Automation action.

 


 

To create an Email Policy, refer to: Alert Email

 

Create a new Automation trigger:

  • Select Event type.
  • Define log field filter matching.

 

This sample matches the signature attack log for the OWASP Top 10 category 'A03:2021-Injection' with the Alert action.

 


 

Note:

The attack log event type may vary between attack types. Select the appropriate event type to match the log properly.

 

To verify which OWASP Top 10 category is enabled in the server policy: OWASP Top 10 Compliance

 

Create a new Automation stitch.

  • Select the created trigger and action (multiple actions are supported).
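
Added example (not part of the original article and not Fortinet code): an offline dry run of a trigger's log field filter over constructed log lines, showing how a filter pinned to one event type misses the same OWASP Top 10 category when it is logged under another event type. The field names main_type, sub_type and owasp_top10, the sample lines, and the NARROW/BROAD filters are assumptions for illustration.

```python
import shlex

# Constructed sample attack-log lines (not real FortiWeb output). The field
# names main_type, sub_type and owasp_top10 are assumptions for illustration.
SAMPLE_LOGS = [
    'type=attack main_type="Signature Detection" sub_type="SQL Injection" '
    'owasp_top10="A03:2021-Injection" src=198.51.100.7',
    'type=attack main_type="Parameter Validation" sub_type="Parameter Validation" '
    'owasp_top10="A03:2021-Injection" src=198.51.100.9',
    'type=attack main_type="Signature Detection" sub_type="Information Disclosure" '
    'owasp_top10="A01:2021-Broken Access Control" src=203.0.113.4',
    'type=traffic src=203.0.113.5 status=200',
]


def parse_log(line):
    """Split a key=value log line into a dict, honouring quoted values."""
    fields = {}
    for token in shlex.split(line):
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields


def matches(fields, trigger):
    """True when every filter in the trigger equals the log's field value."""
    return all(fields.get(k) == v for k, v in trigger.items())


def dry_run(lines, trigger):
    """Return the source addresses of log lines the trigger would fire on."""
    return [f.get("src") for f in map(parse_log, lines) if matches(f, trigger)]


# Filter pinned to one event type plus the OWASP category (hypothetical).
NARROW = {"main_type": "Signature Detection", "owasp_top10": "A03:2021-Injection"}
# Same category without the event-type pin (hypothetical variant).
BROAD = {"owasp_top10": "A03:2021-Injection"}

if __name__ == "__main__":
    print("narrow:", dry_run(SAMPLE_LOGS, NARROW))
    print("broad: ", dry_run(SAMPLE_LOGS, BROAD))
```

Running the same comparison against an exported attack log before enabling the stitch shows which event types carry the category that should raise the alert.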

 


 

Related document:
Automation 
