Forum Discussion
AltocumulusOWSAP Top 10 protection
Dear All
I like to configure my F5 WAF to protect OWSAP Top 10 vulnerabilities. Is there any step by step procedural document which make the F5 WAF to get my site/app to protect against OWSAP Top 10 vulnerabilities.
.
4 Replies
- Aswin_mk
MVP
hello RockBD
I hope this doc will help you,
WAF 111 - Protecting Yourself Against the OWASP Top 10
Lab 4 – Advanced configuration using the OWASP Dashboard
BR
Aswin
RockBDDear Aswin
Thanks for the reply. Is this for Big-IP WAF or cloud based F5?
Also the documents you share is like well demo in the following video isn't it?
https://www.youtube.com/watch?v=E1gt0BpSeNQ
- welinton_trigueiro
Cirrus
Yes, this article will guide you to enable the necessary protections from the OWASP top 10.
https://my.f5.com/manage/s/article/K45215395 - OWASP Top Ten
https://my.f5.com/manage/s/article/K000135973 - OWASP Top 10 API Security
- Aswin_mk
Hello RockBD
In cloud as well we are using same TMOS, and the configuration is same unless it's not BIG IP NEXT. So, if your os installed in VM/physical/clouds you can follow this and try to set a better policy. for eliminating risk, please start the policy in transparent mode and then publish it to blocking mode (after learning period). You will get more videos from DevCentral YouTube or learning platforms for configuring WAF and you can use this links as well.
Hope this answer helps you.
BR
Aswin
