Applying All ASM Signatures

Question

Hi,&nbsp;
What if I apply all signatures to all ASM policies applied to different different VS. I know it would cause utilization issue but apart from that is there anything i need to know?&nbsp;

nathe · Answer

My thoughts are you're increasing the prospects of false positives as you're protecting against attacks that are not relevant. For instance a windows based attack when your backend infrastructure is *nix based. &nbsp;
This will cause more admin too to sort out. &nbsp;
Anyway, my 2c. &nbsp;
N&nbsp;

vijith_182946 · Answer

Just to add some points, i would always sit in the middle of positive and negative security model. In the context of web apps POSITIVE security model is deny all, allow only what is known to be good. NEGATIVE security model allow all, deny only what is known to be bad. As Nathan stated when you go with only one model (signature) you are going to deal with a lots of burden on you !

nuruddin_ahmed_ · Answer

Thank you

Forum Discussion

Applying All ASM Signatures

3 Replies

Recent Discussions

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Related Content

Apply new attack signatures via cli or api.

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

Are there recommended F5 ASMAWAF attack signatures to apply by default for in addition to TOP10OWASP

Trouble applying GoDaddy certificate to a virtual server

Applying APM on an iframe