F5 ASM – Disabling attack signatures checks

I’ve deployed a new WAF appliance with F5 ASM recently where I have to secure web applications which have lots of entities such as URLs, parameters and files. These web applications are already running in a production environment, as a result, I’ve deployed a Rapid Deployment Policy in transparent mode to see and know what’s going on. After a week, I can see lots of attacks in the learning process. Most of them are due to a web application used to store files. Employees can upload whatever they want, thus, they upload PDF files as well as .exe files and source code with javascripts. Therefore, the best to reduce potential false-positive alerts is disabling attack signatures checks for the URL where the application is hosted or the parameter used to upload files.

I’ve recorded a video where we can watch how to disable attack signatures checks for URL and parameters. It’s really easy!!

Drop me a line with the first thing you are thinking!

Commentaires