Forum Discussion

Wasfi_182818's avatar
Wasfi_182818
Icon for Nimbostratus rankNimbostratus
May 31, 2016

Accepting an attack signature then reversing the action

Hi;   If a junior admin accepted a learnt attack signature, thinking it is a false positive, then the senior admin decides to "un-accept" it as he recognized that it is not a false positive. How c...
  • Yann_Desmarest_'s avatar
    May 31, 2016

    Hi,

     

    You can check the signature that have been accepted in the history of the security policy under "Policy >> History" and "Policy >> Audit".

     

    Then, you can then restore a previous version of the security policy (history menu) or go to the specific section where the user has accepted a signature (URL, Parameter)