We have brought WAPPLES for a POC at a prospective customer, who is using Imperva WAF now, and we need your help with the customer's requirements as follows:
1. Due to a lot of attack events per day, they would like to focus on the most impactful rules (critical events) first, and then they will investigate the rest of the rules. Could you please provide us with a guideline for configuring the risk level of WAPPLES rules? (Based on your suggestion and the attack events in the ‘WAPPLES_detectionlog.rar’ file)
2. Is it possible to allow some source IPs (e.g. from Thailand) for some destination IPs (some web servers) for some rules? E.g. from the detection log, they would like to allow IP addresses from Thailand / internal IP addresses to bypass the ‘Cross Site Scripting’ rule. (PS: As I tested, it seems the Black / White List IP will affect all of the security rules. Am I correct?)
3. They would like to see the attack events summary in a graph format (Critical/high/medium/low), the same as ‘15.png’ and ‘16.png’, which Imperva can provide them. Is it possible to request this feature from your R&D team?
4. They would like to see a real-time dashboard / report the same as ‘Top Attack’ and ‘Attack By Country’ on the Cloudbric dashboard (as in the ‘cloudbric_top_attack.png’ and ‘cloudbric_attack_countries.png’ files). Is this feature coming with the new firmware release or not?
5. Could you please review the File Upload event in the ‘File Upload.rar’ file and kindly explain whether malicious files have already been uploaded to their web server or not? (Note: This web server does not have any upload pages, but WAPPLES can detect the file upload event.)
6. Do you have any more suggestions after reviewing the ‘WAPPLES_detectionlog.rar’ file?
Thank you very much in advance.