Forum Discussion

mkeenan_289714

Nimbostratus

Oct 09, 2016

What is a good tool to test ASM security policies?

What is a good tool to test ASM security policies? Something like a web application vulnerability scanner?

ASM Advanced WAF

security

Leonardo_Souza

Cirrocumulus

Oct 09, 2016

Yes, a vulnerability scan. Any vulnerability scan will work, but if you do with the ones ASM supports, you can then import the report in the ASM to a create a policy.

Have a look in this link: https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-getting-started-12-1-0/4.html

This is the Gartner quadrant for application security testing (should tell who is good or not): https://www.gartner.com/doc/reprints?id=1-2KU6P9E&ct=150807&st=sb

I also found this link, with a large list of scanners: http://projects.webappsec.org/w/page/13246988/Web%20Application%20Security%20Scanner%20List

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

What is a good tool to test ASM security policies?

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

shame on f5

Dynamic import of data groups

ASM allow specific url from outside country of geolocation ON

AWAF Detection Inconsistency Between Similar Test Payloads

version 21.1 ACME setup for certificate renewal with Digicert

Related Content

Minimizing Security Complexity: Managing Distributed WAF Policies

Fine-Tuning F5 NGINX WAF Policy with Policy Lifecycle Manager and Security Dashboard

Auditing Security Policy Updates

Quarterly Security Notification October 2025

iRule to modify a content-security-policy header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS