For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Nishal_Rai's avatar
Nishal_Rai
Icon for Cirrocumulus rankCirrocumulus
Feb 26, 2024

Mitigating Stored XSS Attacks with F5 Big-IP ASM: Insights Needed

Hello Everyone,   Could someone provide insights into how F5 Big-IP ASM handles stored XSS attacks?    My understanding is that ASM primarily focuses on inspecting and enforcing XSS signature set...
security
Daniel_Wolf's avatar
Daniel_Wolf
Icon for MVP rankMVP
Feb 26, 2024

Hi Nishal_Rai,

ASM compares the request or response against the attack signatures associated with your security policy. If a matching pattern is detected, ASM triggers an Attack signature detected violation, and either alarms or blocks based on the enforcement mode of your security policy.
See here: https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-asm-attack-and-bot-signatures-14-1-0/assigning-attack-signatures-to-security-policies.html

I don't have DVWA running atm to test your case, but I'm confident this will work.

KR
Daniel