This section discusses Selecting a Paranoia Mode

The available paranoia modes are:

  • 1- Low (Default and recommended mode)

  • 2- Medium

  • 3- High

  • 4- Extreme

Two aspects that should be considered while setting the paranoia mode are:

  • Risk level of an application.

  • Resources available for policy tuning.

The following table maps paranoia modes to different risks levels and resource availability.

High application risk level

High paranoia mode

Low application risk level

Low paranoia mode

Resources available for tuning

Higher paranoia mode

Limited resources available for tuning

Lower paranoia mode

For more information on paranoia mode, refer to OWASP CRS Paranoia Mode.