F5 Rules for AWS WAF - Rule ID to Attack Type Reference
F5 offers security solutions for AWS customers who use the platform's hosting and load balancing services along with the AWS WAF offering. F5 Rules for AWS WAF - Web exploits OWASP RulesF5 Rules for AWS WAF - Bot Protection RulesF5 Rules for AWS WAF - Common Vulnerabilities and Exposures (CVE)F5 Rules for AWS WAF - API Security Rules With the recent addition of logging capabilities of requests that had a match with one of the rule sets, there is now an option to: See the full request that had a match with the rule ID. Understand the attack type that relates to the rule ID. Remove specific rule ID from the rule set in the case it generates false positives. The following CSV maps between rule IDs and attack types, and will help customers of the F5 Rules for AWS WAF products to better manage rule exclusions in their Access Lists. For more details on AWS-WAF logging configuration please visit:https://docs.aws.amazon.com/waf/latest/developerguide/logging.html
Attack Signature Staging Audit / History
Hi Team, I have just started my attack signature journey being automatically pushed out via Big-IQ and loving the fact that I no longer have to deal with change windows etc! Currently my production system is just setup for auto updates and still require manually activation out of staging to be enabled. In my Nonprod environment, I have the same autoupdate of attack signatures for the last few months and have setup autostaging ( I think I have! ) by setting my staged time to 14 days. The question is, is there a log/history/event that I can view that shows when attack signatures move out of staging and where the heck do I find it ?