Forum Discussion
Are there recommended F5 ASM/AWAF attack signatures to apply by default in addition to TOP 10 OWASP
Hello,
I have to deploy the ASM/AWAF module on a BIG-IP LTM equipment, for many web applications. I would like to know if there are attack signatures to apply by default on any web application, in addition to the TOP 10 OWASP (https://my.f5.com/manage/s/article/K45215395), please?
Thank you in advance.
Hi Suricate,
If you run on TMOS v15.1.x.x or later,
the best way to harden your policy against OWASP Top 10 attacks is to rely on OWASP Compliance in the AWAF policy.
Navigate to ( Security >>> Overview >>> OWASP Compliance )
and use this article as a guide: https://community.f5.com/t5/technical-articles/making-waf-simple-introducing-the-owasp-compliance-dashboard/ta-p/285969
If you run on TMOS earlier than 15.1.x.x:
There are many attack signatures to defend against OWASP, but you have to follow the article that you sent in your post to mitigate each one of the OWASP Top 10.
You want separate ASM profiles/policies for each application to tweak individually. Within the profiles/policies you set the web server and any other web technologies in use like scripting language. This then specifically reduces the signature set to what is valid for the application.
- Suricate
Thank you very much for your answer. "OWASP Compliance in AWAF policy" will be very helpful and useful.