In this edition of the Partner Showcase, we take a look at a solution from ImmuniWeb. ImmuniWeb provides, among other features, risk-based and threat-aware application security testing (AST) along with vulnerability scanning. The results can be used to automatically update and strengthen F5's BIG-IP with Advanced WAF policies.
On the first step of the project creation wizard, click on the “Show Vulnerability Data Export Options” section to expand it. Then select “F5 BIG-IP® ASM WAF” from the list of available Web Application Firewalls:
2. How to export the list of detected vulnerabilities on ImmuniWeb® AI Platform
For ImmuniWeb On-Demand or MobileSuite projects, once the assessment is finished, you can download a JSON file with a security policy for BIG-IP® Advanced WAF® by clicking on the “Export Vulnerability Data” button.
For an ImmuniWeb Continuous project, whenever there are vulnerabilities in the “Unpatched Vulnerabilities” or “Archived Vulnerabilities” tabs of the dashboard, you can download a JSON file with a security policy for BIG-IP® Advanced WAF® by clicking the “Export” button.
Save the XML file on your local or network drive.
3. How to import the list of vulnerabilities into F5 BIG-IP® Advanced WAF®
Log in to the BIG-IP® Configuration Utility. In the left-side menu go to: Security -> Application Security -> Vulnerability Assessments -> Settings. Then select ImmuniWeb® from the “Vulnerability Assessment Tool” dropdown list.
Navigate to the Vulnerabilities tab, click the “Import” button, and then click the “Browse…” button to select the XML file previously exported from ImmuniWeb.
Click the “Apply Policy” button to apply updates to the selected security policy. The virtual patching for the selected vulnerabilities shall now be deployed. Consider removing the XML files with vulnerability data from any insecure or temporary locations.