How Often does the ASM Known Leak Credentials gets updated?

Question

How Often does the ASM Known Leak Credentials gets updated? How does F5 gets this information?&nbsp;Thank you, &nbsp;Erika

nathan_f__f5_ · Answer

Hi Erika,&nbsp;The ASM uses a database of hashed username/password pairs to implement its checks for leaked credentials. The usernames and passwords themselves are not stored on the ASM. The hashes are built from records sourced from multiple databases of compromised usernames and passwords with over a billion entries in total. This database is maintained by the Product Development team but does not have a specific update cycle. Instead, the database is simply updated as more compromised credentials are released.&nbsp;I hope this helps.

Forum Discussion

How Often does the ASM Known Leak Credentials gets updated?

Recent Discussions

Diameter iRules attachment?

Source IP F5 DNS Zone Forwarder

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Related Content

Using bash and tmsh to make bulk updates

OWASP Automated Threats - Credential Stuffing (OAT-008)

Leaked Credential Check with Advanced WAF

Updating SSL Certificates on BIG-IP using REST API

Upcoming Action Required: F5 NGINX Plus R33 Release and Licensing Update

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS