Good Day,
As we continue to move all of our externally facing sites to the WAF, our vulnerability management team is always asking "Will the WAF cover CVE-XXXX?"
The big ones that hit the news are usually listed in a blog, but obscure old ones i can never with confidence find a direct answer.
Do i need to open a case everytime to find something that seems simple? Or am i over-looking an obvious link to what is covered?
Example this week...Can you please also check on CVE-2018-8039 and CVE-2018-1258?
thanks to all that take time to read and answer.
#CloudWAF(formerlyIncapsula)------------------------------
Walter Dodson
Senior Information Security Engineer
Columbus OH
------------------------------