Forum Discussion

Nimbostratus

Jun 06, 2023

Difference between Rest API security protection and API Security ASM template ?

Hi, I have to protect some Rest API with ASM. I saw that there are 2 different API protection features : 1) Create an ASM policy with the API security template where you just import the swagger fi...

security

Daniel_Wolf

MVP

Jun 06, 2023

Hi DocteurBGP,

the APM Policy can

import an Open API Spec file
verify that the API call is made to an allowed API endpoint.
verify that clients makes only unauthenticated API calls and verify JWT access tokens
do Rate Limiting

The AWAF Policy can

import an Open API Spec file and validate that the API request conforms to the spec file
protect against Web Application Threats

To my surprise the AWAF Policy can import an Open API Spec file but does not build a list of allowed URLs (methods / endpoints) from it.

KR
Daniel

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Difference between Rest API security protection and API Security ASM template ?

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Protecting SAP CIAM B2C with Shape Security

F5 Essential App Protect: Go !

F5 Security Podcasts

APM Security: Protecting Internal Resources Using ACLs

Detect and stop exfiltration attempts with F5 Distributed Cloud App Infrastructure Protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS