Forum Discussion

Nimbostratus

Nov 29, 2017

OWASP A2 HTTP Cookie Protection

Hello all, I'm looking for any information regarding configuration of HTTP cookie protection on ASM v12.1.2. I understand automatic policy builder includes this protection when using enhanced a...

ASM Advanced WAF

security

Shann_P_160848

Nimbostratus

Nov 29, 2017

I was under the impression that this was default with ASM as I've never had to configure it. ASM adds in a Traffic Shield cookie that is a key/value pair with the cookie itself so that if the cookie is altered or the TS cookie is altered, the violation is thrown.

Just my experience with ASM.

Forum Discussion

OWASP A2 HTTP Cookie Protection

Recent Discussions

how can I find the software version is 32 bit or 64 bit from LTM 15.1.10.4

(How) can I get two client certificates in one APM session?

Open Redirection Mitigation

BIG-IP DNS iRule issue with static variable

Using okta as SSO to login F5 GUI

Related Content

Mitigating OWASP API Security Top 10 risks using F5 NGINX App Protect

Cookie-based DDoS protection

Cookie Tampering Protection using F5 Distributed Cloud Platform

Introduction to OWASP API Security Top 10 2023

OWASP Tactical Access Defense Series: How BIG-IP APM Strengthens Defenses Against OWASP Top 10