AWS F5 Bot Rules Protection ¿any testing page to test effectively use cases?

Question

Hi there!&nbsp;We have purchased in AWS F5 all rules (OWASP, Bot, API prot. and CVE's)&nbsp;Atm we want to test all of them, any webpage with common example attacks to test if it works? we can start with Bot Protection.&nbsp;Thanks all.

gocker99 · Answer

Hello! F5 does not have a webpage to send test attacks at your site but there are third party apps you can use.

We would recommend starting with covering the OWASP attacks as those are most common.

Here is the OWASP testing guide: https://owasp.org/www-project-web-security-testing-guide/

Here is the location of OWASPS free ZAP attack proxy: https://owasp.org/www-project-zap/

After applying the rules and then testing with ZAP, that will test the OWASP top 10 and API type attacks.

CVE attacks are more difficult as there are not always proof of concept attacks that are public.

Forum Discussion

AWS F5 Bot Rules Protection ¿any testing page to test effectively use cases?

1 Reply

Recent Discussions

google-visualization-issues

The best load balance method on this scenario?

SMS server with BIGIP

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

Related Content

Beyond REST: Protecting GraphQL

L7 DoS Protection with NGINX App Protect DoS

TESTING / ARTICLE SAVE - 002LEZ

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

Managing NGINX App Protect WAF for Beginners