LET'S REFINE THE PCI RISK
Through customer feedback and internal testing, we've noticed that URL strings seem to be the most common source of false positives for our PCI risk. The following instructions will guide you thought the process of excluding URL strings from being scanned for PCI risk.
STEP ONE:
Sign into your Cloud Access Monitor Instance.
STEP FOUR:
Locate the "PCI" risk and click the edit pen icon on the far right of the row.
STEP FIVE:
Locate the "Approved Regex" section towards the bottom of the page. Next, copy and paste the following regular expression into the text box and click "Save"
https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)|www\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)|www\.[a-zA-Z0-9]{2,256}\.[a-z]{2,6}\b([-a-zA-Z0-9@:%_\+.~#?&//=]*)
That's it! Your platform will no longer flag the PCI risk if the number is part of a URL.
WHAT DID I JUST DO?
The "Allowed Regex" field accepts regular expressions (A type of code that defines a search pattern) and passes them on to our risk scanning engine. When a string of characters is flagged as a risk, the scanning engine next checks to see if it matches any allowed patterns present in this box. If the string matches the pattern this time, the engine will ignore the string and move on to the next.
Comments
0 comments
Please sign in to leave a comment.