Forum Discussion
samstep
Oct 19, 2016Cirrocumulus
I doubt that PCI-DSS will give you any trouble for the fact that you can prove that you have a WAF :) on more serious note though what the auditors would look for is patching level. There have been several security vulnerabilities in F5 products in the past few months, so make sure you have the latest Hotfixes.
Here is a handy link listing all F5 vulnerabilities (CVEs) in 2016: