alert blocking ASM - brute force attack

Question

Hello, dear, in ASM will there be any way to alert either by mail or something when a traffic is blocked by waf? specifically when it is blocked by brute force attack, the suport id is not reaching the client and I need to know some way to alert that

erik_novak · Answer

How is your login page configured against brute force? Specifically, for your Source-Based Protection settings, are you tracking by Username, IP address, Device ID, etc.? The CAPTCHA response includes a support ID as shown here:If you are using the default Blocking Response page for Login Pages  (instead of CAPTCHA) then the Support ID should also be displayed to the client. The recommendation for logging is to use a remote server which you could then configure to send emails based on certain security events.

Forum Discussion

alert blocking ASM - brute force attack

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

The HTTP/2 CONTINUATION frame attack

Certificate Expiry Email alert configuration

ESRP Strategies: DNS Water Torture Attack

Configure Generic Webhook Alert Receiver using F5 Distributed Cloud Platform

Cyber Security Attack Mitigations with BIG-IP features

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS