For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

dragonflymr's avatar
dragonflymr
Icon for Cirrostratus rankCirrostratus
Nov 06, 2015

ASM and targeted form exploatation

Hi,   I am looking for real life experiences/advice related to protecting against very precise automation based form filling. Main point here is that whole process is not violating any application...
ASM Advanced WAF
design
security
Michael_Koyfma1's avatar
Michael_Koyfma1
Icon for Cirrus rankCirrus
Nov 07, 2015

I highly suggest trying version 12 and using Proactive Bot Detection in the L7 DDoS profile. There are significant improvements in v12 with respect to ability to detect headless browsers such as PhantomJS, etc.

 

  • dragonflymr's avatar
    dragonflymr
    Icon for Cirrostratus rankCirrostratus
    Nov 09, 2015
    Hi, Thanks for info, have you any info what exactly was implemented - or as I guess it's F5 secret? I am still wondering how it can stand up against targeted attack performed by really skilled persons knowing that ASM is used for protection. Piotr
  • Michael_Koyfma1's avatar
    Michael_Koyfma1
    Icon for Cirrus rankCirrus
    Nov 09, 2015
    Piotr, Yes, as you guessed, it is the F5 secret. In general, as you know, for every malicious activity, there is a countermeasure - and F5 continues to improve the countermeasures against various types of bots and automated hacking mechanisms. While nothing is guaranteed, I suggest you try out v12 and see if the new features are effective in combating the activity you're seeing.
  • dragonflymr's avatar
    dragonflymr
    Icon for Cirrostratus rankCirrostratus
    Nov 12, 2015
    Hi, Thanks for info. Maybe you know any good links (not only F5) about identifying and blocking boots based on headless browsers? Piotr