Forum Discussion

RockBD's avatar
RockBD
Icon for Altocumulus rankAltocumulus
Nov 10, 2024

VAPT or APT tools scan prevention

Hello 


When the security team starts Vulnerability Assessment and Penetration Testing (VAPT) or Application Security Testing (APT) on a web application, then it can go and test those web pages that only registered users can browse. Is there any way I can block this with Big-IP. 

Sorry if my question is silly.

 

  • Hi RockBD ,

    Thanks for dropping this question and I assure that this question is definitely not silly. Anyway, can I know what module of the BIG-IP that you are using and which version is it running on?

    Cheers,
    Mo.

    • RockBD's avatar
      RockBD
      Icon for Altocumulus rankAltocumulus

      I am sure which module you're talking about. We are using WAF and Big-IP 17.1.1.4 build 0.14.9.

  • I am sure which module you're talking about. We are using WAF and Big-IP 17.1.1.4 build 0.14.9

  • Hey RockBD ,

    Thanks for your response. Can I clarify that you want to block VAPT scans from scanning browsers that your registered users can access to? 

     

    • RockBD's avatar
      RockBD
      Icon for Altocumulus rankAltocumulus

      I want to block unregistered user access from outside world to my web systems. outside access can be VAPT scans or other for unregister users.

      • how you do make a difference between unregistered and registered users?