Skip to content

Verifying Attacks

Wallarm automatically rechecks attacks for active vulnerability detection.

You can check the attack verification status and force an attack recheck on the Events tab. Selected attack will be the basis for the test attack set generation.

Attacks with various verification statuses

Check the Attack Verification Status

  1. Click the Events tab.

  2. Check the status in the "Verification" column.

Attack Verification Status Legend

  • Verified
    Verified: The attack has been verified.

  • Error
    Error: An attempt to verify an attack type that does not support verification.

  • Forced
    Forced: The attack has a raised priority in the verification queue.

  • Sheduled
    Scheduled: The attack is queued for verification.

  • Could not connect
    Could not connect to the server: It is not possible to access the server at this time.

Forcing an Attack Verification

  1. Select an attack.

  2. Click the status sign in the "Verification" column.

  3. Click Force verification.

Wallarm will raise the priority of the attack verification in the queue.

Attacks verification

Attack Types that Do Not Support Verification

Attacks of the following types do not support verification:

  • Brute-force

  • Forced browsing

  • Attacks with a request processing limit

  • Attacks for which the vulnerabilities have already been closed

  • Attacks that do not contain enough data for verification

Attack re-check will fail in the following cases:

  • Attacks sent via the gRPC or Protobuff protocol

  • Attacks sent via the HTTP protocol of the version different from 1.x

  • Attacks sent via the method different from one of the following: GET, POST, PUT, HEAD, PATCH, OPTIONS, DELETE, LOCK, UNLOCK, MOVE, TRACE

  • Failed to reach an address of an original request

  • Attack signs are in the HOST header

  • Request element containing attack signs is different from one of the following: uri , header, query, post, path, action_name, action_ext