Forum Discussion

Nuruddin_Ahmed_

Cirrostratus

Mar 01, 2016

How Can i make sure that all OWASP related vulnerabilities are being blocked by our ASM policy?

ASM Advanced WAF

security

Vijith_182946

Cirrostratus

Hi Nuruddin, I think there is no better explanation i will get from this link. Very good article from Josh Michaels, though this is based on old OWASP top 10, need to make changes according to the new one https://devcentral.f5.com/articles/f5-security-on-owasp-top-10

Cheers Vijith

Vijith_182946

Cirrostratus

Mar 01, 2016

Hi Nuruddin, It all depends on how you implement your policy. F5 got covered all the OWASP vulnerabilities in the signatures but you might need to tune your policy in way the negative security approach. But i would say you need to be in the middle of positive and negative security model - an applied security model. Both model has got good and band but it depends your organisational standard etc.

Forum Discussion

How Can i make sure that all OWASP related vulnerabilities are being blocked by our ASM policy?

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Block traffic

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Vulnerability CVE-2023-45648 in ApacheTomcat

domain blocking