Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
Summary
WI in App Services of Azure went down because of the amount of request received by the vulnerability scan that WebInspect did
Products
Fortify WebInspect
Environment
WI 22.1
Situation
WI in App Services of Azure went down because of the amount of request received by the vulnerability scan that WebInspect did
Cause
WebInspect sends attacks to servers, and then analyzes and stores the results. Web application firewalls (WAF), anti-virus software, firewalls, and intrusion detection/prevention systems (IDS/IPS) are in place to prevent these activities. Therefore, these tools can be problematic when conducting a scan for vulnerabilities.
Resolution
Fortify recommends that you disable WAF, anti-virus software, firewall, and IDS/IPS tools for the duration of the scan. Doing so is the only way to be sure you are getting reliable scan results.
Additional information
https://www.microfocus.com/documentation/fortify-webinspect/2210/WI_Help_22.1.0/index.htm#Preparing_Your_System_for_Audit.html?Highlight=Preparing%20Your%20System%20for%20Audit
URL Name
KM000015378