Forum Discussion
mm_pen_242283
Nimbostratus
NimbostratusViewing F5 provided ASM attack signature
Hi experts.
I noticed signatures that are matching certain strings (e.g. "more", "at", "id", "tar") in HTTP transactions may be quite dangerous in terms of false positives. There are many occurr...
boneyard
MVP
MVPi believe officially F5 states they are not accessible. but there are knowledge base articles that explain how to examine the databases ASM uses and those signatures are in one of those.
https://support.f5.com/kb/en-us/solutions/public/6000/900/sol6979.html
