Are ASM Attack Signature Updates Cummulative?
If I install the latest attack signature update file, but have missed doing so for the previous 10 updates, will this latest file install all the previous releases? Or, do I have to go back and manually load all of those 10 previous files?
If I do need to manually load those 10 previous updates, would I need to start off with oldest first and work my way towards the latest?
yes they are, see K82512024: Managing BIG-IP ASM Live Updates (14.1.x and later).
"Note the following about BIG-IP ASM Live Update:
- Updates are cumulative. When you update the BIG-IP ASM components, the update provides the latest signatures, browser challenges, and all items from the previous updates. Updating the components also provides revisions to existing signatures, server technologies, and browser challenges.
Quote: "The attack signature updates are cumulative; when you update the system-supplied attack signatures, the update provides the latest signatures and all signatures from the previous updates. Updating the attack signatures also provides any revisions to existing attack signatures."