Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Mohammed_87's avatar
Mohammed_87
Icon for Nimbostratus rankNimbostratus
6 days ago

Best Practice guide for enabling Attack signature In BIG-IP ASM

Team, I am newbee to F5 ASM.  What are the factors needs to consider before enabling the attach signature set ? Which signature sets need to consider enabling ?  
big-ip asm
security
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
2 hours ago

Before working with F5 I suggest passing their training for ASM/AWAF as they have instructor or on-demand options.

https://www.f5.com/learn/training

 

Sorry but for more than just supporting/operations that is the best path.

 

For basic knowledge you can see 

https://my.f5.com/manage/s/article/K73819494 and 

https://www.youtube.com/@f5networkswwfieldenablemen226 

 

 

Outside of that you will need the developers to help as to tell you which server technologies are used or a staging environment where you can use the "Auto Detection" option for F5 to find them by seeing the request/responses. 

https://my.f5.com/manage/s/article/K000134827 

 

If the app is critical you may need to add low signatures but if not better have just medium or high as to be able to support it in the future. Also for not much experienced engineers better have automatic policy builder and configure trusted ip jump host where the developers can log in and connect to the app, so that false positives are cleared in a fast way. 

 

But as I said before deploying new waf policy you will need to build F5 AWAF knowledge and work with the developers.