For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

t_dub82's avatar
t_dub82
Icon for Nimbostratus rankNimbostratus
Apr 21, 2020

Should ASM/WAF Be Implemented for a Temporary Static Notification Content Page

We have an application that no longer exists. A static page has been created (which will be up for 90 days) to tell the users that it no longer exists. Is there any best practice to whether the ASM...
ASM Advanced WAF
security
cjunior's avatar
cjunior
Icon for Nacreous rankNacreous
Apr 24, 2020

As far as I know, it depends on how the service is hosted or the platform or a known issue on it.

You may not be vulnerable to a command injection because site is static.

But is possible to be vulnerable to command execution, poisoning, tampering, etc.

So, yes, I would apply a policy there t least based on a platform.

 

Regards.

  • t_dub82's avatar
    t_dub82
    Icon for Nimbostratus rankNimbostratus
    Apr 24, 2020
    Okay thanks for the information. Tomara Watkins, BSBA MBA ODJFS/OIS/IT Governance and Risk Management Desk Phone: (614) 387-8162 Service Desk: (614) 466-0978 stateofohio.service-now.com/ess Email: tomara.watkins@jfs.ohio.gov ONE TEAM, inspiring each other to embrace INNOVATION; Deliver VALUE-ADDED services; and create DIGITAL BUSINESS solutions