F5 : Leveling Up Your AWS WAF with F5 Managed Rules
October 21, 2021 at 04:34 pm EDT
Share
F5 currently offers four unique rulesets, each of which grants protection against different threat types:
OWASP Top 10 Web Exploits Protection Ruleset: Mitigates attacks that seek to exploit vulnerabilities contained in the OWASP Top 10, including cross-site scripting (XSS) attacks, injection attacks, and many more.
Bot Protection Ruleset: Analyzes all incoming requests and blocks any malicious bot activities including DDoS tools, vulnerability scanners, web scraper, and forum spam tools.
API Security Ruleset: Secures against API-level attacks, XML external entity attacks, and server-side request forgery (SSRF) exploits and offers support for both XML and JSON payloads and common web API frameworks.
Common Vulnerability and Exposures (CVE) Protection Ruleset: Defends against high-profile CVEs that can be found in popular systems such as Apache, Java, MySQL, WordPress, and many more.
Each of these rulesets is written, managed, and regularly updated by F5 security specialists, thus enabling customers to protect their apps against evolving threats-without the need for any intervention from the AWS WAF user. Whether the rules are applied to new or existing AWS WAF instances, AWS application load balancers, or AWS CloudFront, any of the F5 rulesets can be attached in minutes from the AWS WAF console with just a few click
You can find more information about any of our rulesets on their respective AWS Marketplace Listings:
If you're considering trying out any of our rules with your AWS WAF and have any questions or need assistance, simply sign in to ask a question on the F5 DevCentral community site. One of our technical experts or a member of our outstanding community will help you get started. You can also learn more via the supporting resources below or contact F5 sales for additional support.
Additional Resources:
Attachments
Original document
Permalink
Disclaimer
F5 Networks Inc. published this content on 21 October 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 21 October 2021 20:33:06 UTC.
F5, Inc. specializes in developing and selling network equipment. Net sales break down by activity as follows:
- supply of services (51.2%): consulting, training, maintenance, and technical support services;
- sales of products (48.8%): load distribution systems providing load management, performance optimization, and security for computer systems, Internet traffic management systems, data storage systems, etc.
Net sales are distributed geographically as follows: the United States (52.9%), Americas (3.4%), Europe/Middle East/Africa (26.4%), and Asia/Pacific (17.3%).