on
21-Jan-2019
03:00
- edited on
29-Jun-2022
02:21
by
Nir_Zigler
F5 offers security solutions for AWS customers who use the platform's hosting and load balancing services along with the AWS WAF offering.
F5 Rules for AWS WAF - Web exploits OWASP RulesF5 Rules for AWS WAF - Bot Protection RulesF5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE)F5 Rules for AWS WAF - API Security Rules
With the recent addition of logging capabilities of requests that had a match with one of the rule sets, there is now an option to:
The following CSV maps between rule IDs and attack types, and will help customers of the F5 Rules for AWS WAF products to better manage rule exclusions in their Access Lists.
For more details on AWS-WAF logging configuration please visit:https://docs.aws.amazon.com/waf/latest/developerguide/logging.html
That CSV file doesn't exist anymore. Can somebody please update this post, with an updates link to the CSV file ASAP.
Thanks
Jat
Thanks Chase, can we please keep on top of the content in the csv file. I'm sure the rules being exploited are changing very frequently meaning that this document needs to follow suit?
For the fact that my company pays a subscription to F5 for this WAF Marketplace rule, I think I'm more than within my rights to be asking for this.
The team responsible for this does maintain the file, in this particular case the file had an invalid URL due to our recent migration. The file is now part of the article moving forward and will stay current by the team that manages the AWS subscription service.
Ok, thanks for addressing this Chase. No doubt I will be coming back to this document frequently.
Regards
Jat
@worapojc - the file appears to have been corrected. Thanks for letting us know.