Forum Discussion

Nimbostratus

Nov 09, 2016

Viewing F5 provided ASM attack signature

Hi experts. I noticed signatures that are matching certain strings (e.g. "more", "at", "id", "tar") in HTTP transactions may be quite dangerous in terms of false positives. There are many occurr...

ASM Advanced WAF

security

Erik_Novak

Employee

Nov 09, 2016

Boneyard is correct. Attack signatures are intellectual property:

https://support.f5.com/kb/en-us/solutions/public/8000/700/sol8771.html

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Viewing F5 provided ASM attack signature

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

November Security Research Update: Newly Released Attack Signatures

F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)

NGINX App Protect v5 Signature Notifications

Enable SAML Service Provider on F5 Distributed Cloud Application

ASM provided signatures rules text

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS