Forum Discussion

Cirrocumulus

Feb 26, 2024

Mitigating Stored XSS Attacks with F5 Big-IP ASM: Insights Needed

Hello Everyone, Could someone provide insights into how F5 Big-IP ASM handles stored XSS attacks? My understanding is that ASM primarily focuses on inspecting and enforcing XSS signature set...

security

Daniel_Wolf

MVP

Feb 26, 2024

Hi Nishal_Rai,

ASM compares the request or response against the attack signatures associated with your security policy. If a matching pattern is detected, ASM triggers an Attack signature detected violation, and either alarms or blocks based on the enforcement mode of your security policy.
See here: https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-attack-and-bot-signatures-14-1-0/assigning-attack-signatures-to-security-policies.html

I don't have DVWA running atm to test your case, but I'm confident this will work.

KR
Daniel

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Mitigating Stored XSS Attacks with F5 Big-IP ASM: Insights Needed

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Cyber Security Attack Mitigations with BIG-IP features

Announcing Security Insights

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures

Mitigating OWASP Web Application Risk: SSRF Attack using F5 XC Platform

Mitigating OWASP Web Application Risk: Broken Access attacks using F5 Distributed Cloud Platform

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS