XXE Policy Configuration
XXE detection can be enabled in the App Firewall policy.
- Navigate to Policies and click on the App Firewall tab.
- Scroll down to the section titled "XML External Entity (XXE)". Check the box labeled "Enabled".
- Users who want to catch all possible malicious XML payloads should check the box next to the default "tc-xxe-1" pattern, under "Regular Expressions (Pattern ID)". Advanced users may want to add and enable their own regular expressions.
- Click "Deploy" on the banner at the bottom of the screen.
FAQ: Can I enable XXE with no regular expressions?
Users must enable at least one XXE regular expression to see XXE events in tCell.
Did this page help you?