Forum Discussion

Nacreous

Oct 18, 2022

All attack signatures vs server/application specific ASM attack signatures

Hi, as per everyone's experience, what's best to select attack signatures for a WAF policy? I'm aware that all attack signatures might have some downside (latency, resources issue) but isn't it goo...

security

waf

buulam

Admin

Oct 27, 2022

I can see your point but one thing I'd consider is that you can potentially (actually probably) open yourself up for a lot of false positives. To the point where if an attacker knows this is the case, they could fill your logs with false positives, while burying actual attack attempts. Sure - you could filter that out but then why have that in the first place? Those are my views at least. Good topic!

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

All attack signatures vs server/application specific ASM attack signatures

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

What happens if I activate only ASM without provisioning LTM?

Implement load balancing solution with constraints

How to Block Source IP for 24 Hours After TPS Violation (F5 DoS / iRule / SSL Proxy Setup)

VMware Horizon app and X-Forwarded-For

Migration of complete ucs file of BIGIP 2000 LTM to r5800 creating tenant/ Using Journey APP

Related Content

NGINX App Protect v5 Signature Notifications

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

BoT Defense Profile, Signature Enforcement

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS