Forum Discussion

Nimbostratus

Aug 03, 2016

Attack signature updates.

can anyone confirm best practices for Attack Signature updates? I would like to know if when working with a production environment if it would be safer to implement in the below stated layout as oppo...

MVP

Aug 03, 2016

false positives with (attack) signatures is an issue with any type of device, a WAF like the ASM module or a firewall IPS module. be honest against your customer and explain that some requests might be blocked which were no attacks. if you want security and use attack signatures you will need to accept that.

but you can make the risk smaller as explained by Jinshum, of course putting them trough testing is nicer, but can you test well enough?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Attack signature updates.

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Terraform AS3 code for GTM Only.

BIG-IP device fails to install node-inspector

WAF Block Request

AST Configuration Assistance

F5 HA deployment in Azure using Azure Load Balancer

Related Content

Custom Attack Signatures

Live Update- ASM attack signatures

Are ASM Attack Signature Updates Cummulative?

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Wildcard Parameter signature attack

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS