pitmaster
Apr 23, 2015Nimbostratus
Tools for WAF Professionals
What are the tools a WAF professional must have to properly do his/her job? I'm asking because I would like to evaluate request and give recommendation based on facts.
What are the tools a WAF professional must have to properly do his/her job? I'm asking because I would like to evaluate request and give recommendation based on facts.
By "tools" do you mean computer programs? There are no special requirements.
I Use:
1. Web-browser. To manage ASM/WAF, I prefer to use GUI, because it's faster. The ASM module is also integrated with TMOS TMSH, but it's nowhere near as good as TMSH for the LTM module.
2. SSH Terminal (E.g Linux Terminal, or Putty) to investigate the log files
3. Text-editor to create and modify policy templates (XML format)
4. iControl and Python; For automation of repetitive tasks, e.g. providing requested information for security auditors
Hannes Rapp thanks for the response but I was thinking more to review web request and alike. Tools like fiddler or others.