Edward Newman
Reputation: 31
Is it possible to use latest OWASP CRS rules in CloudArmor
CloudArmor appears to use OWASP CRS 3.0.1 rules which are now pretty dated (last update around 4 years ago). CRS is now on V3.3 and V3.4 is in development.
Is there a way to take the new rules from coreruleset Github Repo and import into CloudArmor? Does Google have plans to update to the newer set by default?
Main driver is that some of the rules are very dated or unworkable. For example scanner detection triggers on "python-requests" as a User-Agent and this is no longer checked for in latest V3.3 ruleset.
Upvotes: 1
Views: 482
Answers (1)
dune73
Reputation: 299
If this has not been solved yet: I think Google does not give you the chance to pick for yourself. Also, it's a commercial support question that should probably be directed there.
Upvotes: 0
Related Questions
- Does GCP Cloud Armor support TCP load balancer? I am unable to add TCP load balancer as a Target in Cloud Armor
- Cloud Armor | allow multiple request paths in one line
- Why some rule actions are disabled in google cloud armor?
- GCP How can we attach google armor with google NEG?
- The Python script for updating rules in the Cloud Armor in Google Cloud Platform by REST API
- How to use Cloud Armor with GAE Flex?
- Cloudformation IAM Policy
- Google Cloud Armor: Cannot add targets using cloud armor
- Grafana - Configure Custom Metrics from Cloudwatch
- Is google endpoints hipaa compliance