Mario_Franco
Apr 16, 2024Altocumulus
ASM - Parent policy vs OWASPcompliance
Hi folks,
I am implementing a WAF in my company and I would like to work with parent and child policies. This way, if we need to add something in general, I can apply it to the parent policy and it will replicate this change to the child policies, instead of going one by one and applying it individually. However, I found out that "Parent and Child Security Policies are not supported by the OWASP Top 10 compliance dashboard."
So, I would like to know what the best approach is. Is it worth going ahead with the parent and child policies and ignore the OWASP compliance dashboard? Or, in terms of security, is it better to create a normal ASM policy without parent or child relationships?