A look on APT operations and using F5 BIG-IP features for mitigation

Introduction Vulnerabilities are constantly discovered on various platforms and when certain threat actors utilize them and adds their method of operations, these threat actors sometimes become n...
Published Mar 27, 2023
Version 1.0
f5 sirt
security
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Sep 21, 2023

Nice! If you add an icall that triggered a python script it can auto update the Data Group by pulling data from athreat intelligence site. I have seen this with older versions of the SSLO where the icall pulled the Microsoft urls as to dissable decryption for them with a data group.

 

https://github.com/f5devcentral/sslo-o365-update