Custom detection points are not looked up for possible responses
Opened this issue · 1 comments
org.owasp.appsensor.analysis.ReferenceAttackAnalysisEngine's method findPossibleResponses doesn't look up also custom detection points for possible responses.
Is this an intended behaviour or it is a bug?
I have almost ported the code to Javascript.
In one of my tests, I configured custom detection poin and generate events of it.
org.owasp.appsensor.analysis.ReferenceEventAnalysisEngine in analyze method takes advantage of org.owasp.appsensor.core.configuration.server.ServerConfiguration's findDetectionPoints method which looks up custom detection poins as well.
When an attack of this detection point is analyzed by org.owasp.appsensor.analysis.ReferenceAttackAnalysisEngine, it doesn't
find possible response and corresponding generated response's action is empty.
Thank you very much for your great code.
Kind regards,
Spas Iliev
Hello,
I see #35 and the reason behind to override some aspects of detection points.
I used to think of client/custom detection points as an extension (e.g. Z01) to the points described in the reference of AppSensor Guide v. 2.0.
I think in both cases the question still stands: Why not to override the response as well?
Kind regards,
Spas Iliev