Import scan results into Fortinet FortiWeb

Once you have exported the scan results from Invicti Platform, follow this document to import them to Fortinet FortiWeb WAF.

Pre-requisites

• Your FortiWeb system configuration needs to be completed according to the networking environment surrounding your web application
• You completed a scan in Invicti Platform and created a WAF export file in FortiWeb format.

Import vulnerability export data into FortiWeb

1. Select Web Vulnerability Scan > Scanner Integration > Scanner Integration from the menu.

2. Click Scanner File Import.

3. Set Scanner Type to Invicti.

4. The Upload File section allows you to browse your folders and select the WAF export file.
5. Enable the Generate FortiWeb Rule Automatically checkbox.
6. Set ADOM Name to the ADOM that the generated rules will apply to.
7. Set the Profile Type depending on whether the generated rules will apply to an Inline or Offline Protection Profile.
8. Specify in the option Merge the Report to Existing Rule whether to create a new Rule set for the generated rules, or to add the generated rules to an already existing Rule set.

• If creating a new Rule set, give this new Rule set a name (in this example we use InvictiTests).
• If adding to an already existing Rule set, select the Rule set to which the generated rules will be added.

9. You will need to specify what action FortiWeb will take when it detects a user making a request that would trigger a vulnerability which the generated rules are defending against

• Different actions can be set depending on whether the vulnerability is classified as high-level or medium-level or low-level
• The "Alert" action allows the request and generates an email alert and/or a log message
• The "Deny" action blocks the request and generates an email alert and/or a log message

10. Click OK to upload the export file. Your WAF export has now been integrated into your FortiWeb Rule Set.