module2lab1_2

Author: mburnsf5

docs/waf2025/images/A3checked.png

@@ -64,6 +64,8 @@ Create security policy using the Guided Configuration
 
     .. image:: ../images/ready_to_deploy.png
 
+#. Click Finish on the next screen.
+
 #.  After the policy is created, we will want to apply a logging profile to our new security policy.
 
     - Go to **Securirty -> Overview -> Summary**, and the policy you just created should be listed. 

docs/waf2025/images/A3list.png

@@ -13,16 +13,19 @@ Discover and learn to operate the Dashboard
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 #. On the Main tab, click **Security -> Overview -> OWASP Compliance**. This opens the OWASP Dashboard.  Highlight your new policy ``juice_shop_waf``.  You will see that your score is 0/10 for securing against the OWASP top 10.  Though you will see partial % scores for some.
+    .. image:: ../images/list.png
 
-#. Click on the expand arrow next to **A1 Injection**.  This will display the attack signature types and required protections you need to secure yourself against this risk.
+#. Click on the expand arrow next to **A3 Injection**.  This will display the attack signature types and required protections you need to secure yourself against this risk.
 
-    .. image:: ../images/a1initialreview.png
+    .. image:: ../images/A3list.png
+
+#. Notice that each signature type shows the number of signatures in **Staging/Enforced/Total**.  Just because signatures are enabled, it does not mean they are enforced. Now let's enforce some signatures.
 
 #. On that same screen in the OWASP Dashboard, hover your pointer over **SQL-Injection** and select the **checkmark**.  Also hover over **Server Side Code Injection** and select the **checkmark**.  These checkmarks apply the protections to the policy.  Notice your potential A1 Injection protection % increased.
 
     .. Note::  In the dashboard, if you see the checkmark available, it will enforce any protections required to be compliant for that vector.
 
-    .. image:: ../images/a1addsignatures.png
+    .. image:: ../images/A3checked.png
 
 #. Press the blue **Review & Update** button below.  On the pop up window press the blue **Save & Apply Policy** button.  
 
@@ -31,18 +34,20 @@ Discover and learn to operate the Dashboard
 #. Now for the sake of expediting the policy blocking malicious traffic, we will turn off signature staging. This will simulate a user waiting out the default 7 days of staging your attack signatures.
 
     - Go to **Security -> Application Security -> Policy Building -> Learning and Blocking Settings**
+    - Make sure you select the **juice_shop_waf** policy at the top.
+        .. image:: ../images/pol_build.png
     - Expand **Attack Signatures**
     - Uncheck the box next to **Enable Signature Staging**
-    - Press **Save** at the bottom of that screen
+    - Press **Save** at the bottom or the top right of that screen.
     - Press **Apply Policy** button at the top right corner of your screen
 
     .. Note:: For those of you looking for the attack signature list, you may have now noticed the location of attack signatures has changed in the most recent release. 
 
-    .. image:: ../images/disablestaging.png
+    .. image:: ../images/disablestagingv2.png
 
 #. Go back to your OWASP Dashboard **Security -> Overview -> OWASP Compliance**.  Select your policy ``juice_shop_waf``..  You can now see a lot more OWASP protections now.
 
-    .. image:: ../images/dbwithblocking.png
+    .. image:: ../images/list_dis_stage.png
 
     .. Note:: When we disabled the staging, we represented a user waiting out the enforcement readiness period.  We basically just time traveled to the future!!  https://youtu.be/8qrriKcwvlY
 

docs/waf2025/images/disablestagingv2.png

@@ -5,7 +5,7 @@ Execute an attack via a python script
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
-#. Open Terminal on the LInux jump host
+#. Open Terminal on the Linux jump host
 
 #. cd /graphql