Overview

Application Security Management (ASM) provides observability into application-level attacks, and evaluates the conditions in which each trace was generated. ASM trace qualification then labels each attack as harmful or safe to help you take action on the most impactful attacks.

Filter by the Qualification facet in the ASM Traces Explorer to view the possible qualification results:

ASM trace list with the qualification facet showing the possible qualification results

Qualification outcomes

ASM runs qualification rules (closed-source) on every trace. There are four possible qualification outcomes, as listed in the facet menu:

Qualification resultDescription
UnknownASM has qualification rules for this attack, but did not have enough information to make a qualification decision.
None successfulASM determined that attacks in this trace were not harmful.
HarmfulAt least one attack in the trace was successful.
No valueASM does not have qualification rules for this type of attack.

Trace sidepanel

The qualification result can also be seen when viewing the details of an individual trace.
Example of a trace that ASM has qualified as safe:

ASM trace qualified as safe

Example of a trace that ASM has qualified as harmful:

ASM trace qualified as harmful

Further Reading

PREVIEWING: may/unit-testing