Guided Configuration on API security

Question

Hi Folks,We are using ASM module for some time and there are many application security policies that are in block mode.&nbsp;We have some api related application in our environment, now wanted to protect those api based applicaiton through guided configuration.&nbsp;Please guide to start with guided configuration with respect to api security.&nbsp;&nbsp;Thanks&nbsp;Kuzhal

daniel_wolf · Answer

Hi&nbsp;kkuzhal,
the guided configuration for AWAF API protection offers two variants.1. You have an OpenAPI Specification (formerly Swagger Specification)2. You don't
If you have, it will allow only the specified API endpoint and methods. If you don't, you have to specify them manually. That's pretty much it.
I like API Protection with APM better, because it includes authentication and rate limiting.
KRDaniel

Forum Discussion

Guided Configuration on API security

Recent Discussions

Outlook application issue

Why does WAF block HTTP OPTION method

Rewriting Location Header in iRule

HA Configuration (One in primary and One in DR)

Sending a trusted certificate to server

Related Content

Secure against the OWASP Top 10: Guide for 2021

DevCentral RSA Trip Planning Guide

Zero-touch configuration of secure apps across BIG-IP tenants using CTS

APM Guided configuration is missing

Managing Kubernetes Traffic With F5 NGINX: A Practical Guide