Forum Discussion
Avalanchee
Nimbostratus
Giridharan, Thank you for your feedback and interest in the AWSWAF F5 Rules product.
We are routinely working to improve the F5 Rules product to fix coverage issues. Please feel free to provide any further details regarding the sample OWASP SQL/XSS you used.
Please note that the AWS Managed WAF solution only provides coverage against common and simple attack vectors, and is not meant to replace a state of the art WAF solution.
Giridharan_2650
May 20, 2018Nimbostratus
Nir Zigler, Thanks for your response . Test cases in the following OWASP link were tried against the managed WAF rules and it was not getting blocked (https://www.owasp.org/index.php/Testing_for_SQL_Injection_(OTG-INPVAL-005)) . Do we have any reference to the attack patterns that the rule set covers