Forum Discussion

Cirrus

Mar 30, 2021

ASM Attack Signature Sets

Hello everyone, Do you have any recommendation which attach signatures set should be added to the policy as a best practice? I mean except it has been added by Server Technologies. For example, do i ...

Erik_Novak
Mar 30, 2021
If your application relies on a back-end SQL DB then yes, you should add the SQL Injection signature sets to secure it. It sounds like Server Technologies are being automatically detected and added your policy. That's good because all you really need are the attack signatures for the OS, web server, application framework, and database which match your environment. This means you won't have to manage violations triggered by attack signatures which are not related to your infrastructure. Make sense?

Nikoolayy1

MVP

Mar 30, 2021

As Erik is saying better talk with you dev and server teams about what is the database, what is the operational system on server, what programming languages are used as such things need to be asked.

Seçkin
Cirrus
Apr 02, 2021
Thanks :)

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM Attack Signature Sets

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

Default Attack Signature Sets

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

Live Update- ASM attack signatures

The HTTP/2 CONTINUATION frame attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS