Forum Discussion

Nimbostratus

Sep 22, 2014

Best practices for attack signature update/maintenance on ASM

We are looking for suggestions regarding best practices for attack signature update/maintenance on ASM in an university environment. We would like to have inputs for the following questions How...

Nimbostratus

Sep 22, 2014

Hi,

Attacks signatures should be updated as often as you can. You won't need to apply each version, it will depend on what you have to protect.
Again it depends on which security management you apply. To avoid some false positives, you have to change blocking signatures to staging mode. I usually do that, you'll avoid to be waked up at 3am for "nothing".
Yes you can do that. Each ASM policy is isolated from others. So on your QA policy, you can update a policy whereas on your prod one you don't apply the update.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Best practices for attack signature update/maintenance on ASM

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

SSL Bridging and FQDN rewrite Policy

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

F5 BIG IP laboratory license

F5 mssql health monitor failing

Related Content

AS3 Best Practice

F5 Certified Practice Exams

Security Best Practices for F5 Products

Cipher Suite Practices and Pitfalls

November Security Research Update: Newly Released Attack Signatures

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS