Forum Discussion
OWSAP Top 10 protection
Dear All
I like to configure my F5 WAF to protect OWSAP Top 10 vulnerabilities. Is there any step by step procedural document which make the F5 WAF to get my site/app to protect against OWSAP Top 10 vulnerabilities.
.
- Aswin_mkCumulonimbus
hello RockBD
I hope this doc will help you,
WAF 111 - Protecting Yourself Against the OWASP Top 10
Lab 4 – Advanced configuration using the OWASP Dashboard
BR
Aswin- RockBDAltocumulus
Dear Aswin
Thanks for the reply. Is this for Big-IP WAF or cloud based F5?
Also the documents you share is like well demo in the following video isn't it?
https://www.youtube.com/watch?v=E1gt0BpSeNQ
Yes, this article will guide you to enable the necessary protections from the OWASP top 10.
https://my.f5.com/manage/s/article/K45215395 - OWASP Top Ten
https://my.f5.com/manage/s/article/K000135973 - OWASP Top 10 API Security
- Aswin_mkCumulonimbus
Hello RockBD
In cloud as well we are using same TMOS, and the configuration is same unless it's not BIG IP NEXT. So, if your os installed in VM/physical/clouds you can follow this and try to set a better policy. for eliminating risk, please start the policy in transparent mode and then publish it to blocking mode (after learning period). You will get more videos from DevCentral YouTube or learning platforms for configuring WAF and you can use this links as well.
Hope this answer helps you.
BR
Aswin
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com