Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    User Guide

    Home FortiAppSec Cloud User Guide
    26.1.0
    26.1.0
    25.4.0
    25.3.0
    25.2.0

    Global Trustlist

    Global Trustlist

    You can configure FortiAppSec Cloud to ignore scanning parameters specified for modules of signature based detection, syntax based detection, and anomaly detection across the entire application.

    1. Go to Global Trustlist.
      You must have already enabled this module in Add Modules. See Add and Remove Modules.
    2. Click Create New.
    3. Configure these settings.

      Parameter Name

      		Enter a unique name for the parameter as it appears in the URL or HTTP body.

      Request Status

      		Optionally, you can enable to indicate a regular expression designed to match multiple URLs, which carry the trustlist parameters.

      Request URL

      Specify a URL value to match, such as ^/*.php, which matches requests for http://www.test.com/^/*.php. The pattern does not require a slash ( / ); however, it must at match URLs that begin with a slash, such as /index.cfm.

      See Frequently used regular expressions.

      Do not include a domain name because it's by default the domain name of this application.

    4. Click OK.
      In the global trustlist table, you can click buttons to edit, or delete the parameter rule; also, you can choose to enable or disable to indicate the URL to match.

    Previous
    Next

    Global Trustlist

    Global Trustlist

    You can configure FortiAppSec Cloud to ignore scanning parameters specified for modules of signature based detection, syntax based detection, and anomaly detection across the entire application.

    1. Go to Global Trustlist.
      You must have already enabled this module in Add Modules. See Add and Remove Modules.
    2. Click Create New.
    3. Configure these settings.

      Parameter Name

      		Enter a unique name for the parameter as it appears in the URL or HTTP body.

      Request Status

      		Optionally, you can enable to indicate a regular expression designed to match multiple URLs, which carry the trustlist parameters.

      Request URL

      Specify a URL value to match, such as ^/*.php, which matches requests for http://www.test.com/^/*.php. The pattern does not require a slash ( / ); however, it must at match URLs that begin with a slash, such as /index.cfm.

      See Frequently used regular expressions.

      Do not include a domain name because it's by default the domain name of this application.

    4. Click OK.
      In the global trustlist table, you can click buttons to edit, or delete the parameter rule; also, you can choose to enable or disable to indicate the URL to match.

    Previous
    Next