Exporting Scan Results as Web Application Firewall Rules

This topic explains how to export the list of vulnerabilities that Acunetix 360 identified during a web vulnerability scan and import them as rules in your web application firewall. At the moment only ModSecurity firewall rules can be exported directly from the Acunetix 360 scanner (see Generating ModSecurity Web Application Firewall Rules from Acunetix 360), so this exercise illustrates the process using ThreadFix.

This means that you can export Acunetix 360 scan results and import them as web application firewall rules to any type and brand of firewall that is supported by ThreadFix.

In this example, we will export the Acunetix 360 scan results to an Imperva SecureSphere WAF.

How to Export the Vulnerability List in XML Format in Acunetix 360
  1. Open Acunetix 360.
  2. From the main menu, select Scan, then Recent Scans. The Recent Scans window is displayed.
  3. Next to the relevant scan, click Report. The Scan Summary window is displayed.
  4. Click Export. The Export Report dialog is displayed.
  5. From the Report dropdown, select Vulnerabilities List.
  6. The Format dropdown is automatically set to XML.
  7. Click Export.

How to Import the Vulnerability List in ThreadFix

To import the list of vulnerabilities into ThreadFix and associate them with a web application, so that you can then export them as WAF rules, you must first have an application associated with a team.

For further information on setting up ThreadFix, see ThreadFix Getting Started Guide.

  1. Log in to ThreadFix.
  2. In ThreadFix, navigate to the web application that you have just scanned.

Upload vulnerability list to ThreadFix

  3. Click Upload Scan.
  4. Specify the path of the XML file and import the vulnerabilities.

How to Export the Vulnerability List from ThreadFix as Imperva WAF Rules

First you have to add or configure the Imperva firewall in ThreadFix.

  1. From the Settings dropdown, select WAFs.

Adding a WAF to ThreadFix

  2. Click Create WAF. The Create New WAF window is displayed.
  3. In the Name field, enter a name for the WAF.
  4. In the Type field, select a type (in this case, Imperva SecureSphere).
  5. Click Create WAF.

Once the Imperva WAF has been added to ThreadFix, you have to associate it with the web application in question.

  1. Navigate to the web application in ThreadFix.
  2. From the Action dropdown, select Edit/Delete.

Open the application settings in ThreadFix

  3. From the application's settings, click Set WAF.
  4. Select the Imperva web application firewall you created in the previous step.
  5. Click Add WAF, then Save.

Associate a WAF to a web application in ThreadFix

  6. Click Save Changes to save the application's settings and the association.

Once the web application firewall is associated with your web application, you can export the rules to your Imperva WAF.

  1. From the Settings dropdown, select WAFs to open the WAFs page.

See the Imperva WAF rules in ThreadFix

  2. Click Rules to view the generated web application firewall rules.
  3. Click Download WAF Rules to export the generated rules into a text file.
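ThreadFix builds the rule file for you, so the procedure above never shows what the translation from a scan finding to a firewall rule actually looks like. The script below is an added illustration of that translation and is not code from Acunetix or ThreadFix. It reads a constructed vulnerability list in a made-up XML layout (the real Acunetix 360 export schema is not reproduced here) and emits ModSecurity virtual-patching rules, the rule syntax the page mentions as the other export route; the finding types, URLs and parameter names in the sample are invented, and the detection patterns are generic signatures, not ones from either product.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample input. This is NOT the Acunetix 360 export schema,
# only a stand-in carrying the fields a virtual patch needs:
# finding type, affected URL and the vulnerable parameter.
SAMPLE_XML = """<?xml version="1.0" encoding="UTF-8"?>
<vulnerabilities>
  <vulnerability>
    <type>SqlInjection</type>
    <url>https://example.test/products.php</url>
    <parameter>id</parameter>
    <severity>Critical</severity>
  </vulnerability>
  <vulnerability>
    <type>CrossSiteScripting</type>
    <url>https://example.test/search</url>
    <parameter>q</parameter>
    <severity>High</severity>
  </vulnerability>
  <vulnerability>
    <type>MissingXFrameOptions</type>
    <url>https://example.test/</url>
    <severity>Low</severity>
  </vulnerability>
</vulnerabilities>
"""

# Generic detection regexes per finding type (hypothetical, not vendor
# signatures). Each rule is scoped to the flagged path and parameter,
# so the patch does not touch traffic the scanner did not complain about.
PATTERNS = {
    "SqlInjection": r"(?i)('|--|;|/\*|\bunion\b|\bselect\b|\bsleep\s*\()",
    "CrossSiteScripting": r"(?i)(<|%3c|javascript:|on\w+\s*=)",
}


def parse_findings(xml_text):
    """Return findings that name both a URL and a parameter.

    Header-style findings (no parameter) cannot be patched per-argument
    and are skipped rather than turned into an over-broad rule.
    """
    root = ET.fromstring(xml_text)
    findings = []
    for v in root.findall("vulnerability"):
        vtype = (v.findtext("type") or "").strip()
        url = (v.findtext("url") or "").strip()
        param = v.findtext("parameter")
        if not (vtype and url and param):
            continue
        # Keep only the path: the rule matches REQUEST_URI, not the host.
        path = re.sub(r"^https?://[^/]+", "", url) or "/"
        findings.append({"type": vtype, "path": path, "param": param.strip()})
    return findings


def modsec_rule(finding, rule_id):
    """Build one chained ModSecurity SecRule for a finding, or None if the
    finding type has no pattern (unknown types are left for manual review)."""
    pattern = PATTERNS.get(finding["type"])
    if pattern is None:
        return None
    param = finding["param"]
    # Reject anything that could break out of the ARGS: selector.
    if not re.fullmatch(r"[A-Za-z0-9_\-\[\]\.]+", param):
        raise ValueError(f"unexpected parameter name: {param!r}")
    safe_path = finding["path"].replace('"', '\\"')
    return (
        f'SecRule REQUEST_URI "@beginsWith {safe_path}" '
        f'"id:{rule_id},phase:2,chain,deny,status:403,log,'
        f"msg:'Virtual patch: {finding['type']} on {param}'\"\n"
        f'    SecRule ARGS:{param} "@rx {pattern}" "t:none,t:urlDecodeUni"'
    )


def generate_rules(xml_text, base_id=900000):
    """Translate a whole vulnerability list into a list of rule strings."""
    rules = []
    for i, finding in enumerate(parse_findings(xml_text)):
        rule = modsec_rule(finding, base_id + i)
        if rule is not None:
            rules.append(rule)
    return rules


if __name__ == "__main__":
    print("\n\n".join(generate_rules(SAMPLE_XML)))
```

The chain keeps each rule narrow: the first `SecRule` only matches requests to the flagged path and the second only inspects the flagged argument, so a false positive in the pattern cannot affect the rest of the site. Findings with no parameter, such as a missing security header, are deliberately not turned into rules, since a WAF rule is the wrong place to fix them.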
