What kind of Whitelisting can be done with different rules?

Overview

To reduce the number of unwanted security events caused by normal or expected application behaviour, you can configure whitelisting.
The table below summarises what kind of whitelisting and scope reduction each of our standard rules supports.

Please refer to the documentation for detailed descriptions of each rule and its configuration properties.

| Rule Category | Rule Whitelist Capability | Rule Reduce Scope Capability | Summary |
|---|---|---|---|
| CSRF | Yes (inbuilt) | Yes - Endpoint Reduction | ✔️ |
| XSS | Yes (inbuilt) | Yes - Endpoint Reduction | ✔️ |
| Deserialization | Yes (properties, e.g. `com.waratek.AllowDeserialPrivileges="java.lang.ProcessBuilder.()"`) | No | ✔️ |
| DNS | Yes (allow) | Yes - Specific host, FQDN or IP | ✔️ |
| File I/O | Yes (allow) | Yes - Path Reduction | ✔️ |
| Header Injection | No | Yes - Endpoint Reduction | ✔️ |
| Header Response Addition | No | Yes - Endpoint Reduction | ✔️ |
| Input Validation | Yes (allow) | Yes - Endpoint Reduction | ✔️ |
| Library Loading | Yes (allow) | Path Reduction | ✔️ |
| Open Redirection | Yes (allow) | Yes - Endpoint Reduction; Yes - Exclude subdomains; Yes - Taint Source Reduction | ✔️ |
| Path Traversal | No | Yes - Taint Source Reduction | ✔️ |
| Process Forking | Yes (allow) | Yes - Path Reduction | ✔️ |
| Sanitization | Yes (inbuilt) | Yes - Endpoint Reduction | ✔️ |
| Session Fixation | No | No | X |
| Socket Rules | Yes (inbuilt) | Yes - Endpoint Reduction | ✔️ |
| SQLi | Yes (properties, e.g. `com.waratek.AllowSQLiPayloads=sql1_to_be_whitelisted, another_sql_statement, yet_another`) | No | ✔️ |
| XXE | Yes (allow) | No | ✔️ |