Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Application Security Manager (ASM)

ASM is a web application firewall (WAF) that provides application security in traditional, virtual, and private cloud environments. Designed specifically for security, BIG-IP ASM secures applications against unknown vulnerabilities and enables compliance with key regulatory mandates.

Learn more

Articles

Gal Goldshtein
Updated 4 days ago by Gal Goldshtein

A recently published research by Checkpoint introduced a couple of undiscovered vulnerabilities in the online gaming platform of “Epic Games” – the developers of the famous "Fortnite" game. It was claimed in the research paper that a...

Lior Rotkovtich
Updated 3 weeks ago by Lior Rotkovtich
5 out of 5 stars

With more and more bots traffic hitting web applications it has become a necessity to manage bots accessing web applications. To be able to manage bot access to your web application you must first be able to detect them and only then allow or deny

Gal Goldshtein
Updated 1 month ago by Gal Goldshtein

ThinkPHP is an open source PHP development framework for agile web application development. Recently, an unauthenticated remote code execution vulnerability was discovered in ThinkPHP...

Steve Lyons
Updated 1 month ago by Steve Lyons
5 out of 5 stars

Not too long ago, a question in one of my tech talks came up regarding how F5 sync's ASM policies between devices that may not be apart of the same HA Pair. The question derived from experience with another vendor in which policies would not...

Nir Zigler
Updated 1 month ago by Nir Zigler

A bug in the Kubernetes platform has been disclosed this week by its developers. The bug has been marked as critical vulnerability with a 9.8 CVSS score and assigned CVE-2018-1002105.

Steve Lyons
Updated 1 month ago by Steve Lyons
5 out of 5 stars

If you are not familiar with F5's IP Intelligence capability, it is an add-on service that integrates with both the Advanced Firewall Manager and Application Security Manager. Steve Lyons covers how IP Intelligence can help you.

Harsh Chawla
Updated 2 months ago by Harsh Chawla
5 out of 5 stars

Earlier this month (November 2018), RIPS Technologies blogged about a design flaw within WordPress that allows privilege escalation.  WordPress is one of the most commonly used Content Management System (CMS) and is used by over 32% of the...

Gal Goldshtein
Updated 2 months ago by Gal Goldshtein

Recently, a new vulnerability in the RichFaces framework was discovered and was assigned with CVE-2018-14667. RichFaces is one of the libraries that implement the JavaServer faces (JSF) specification which is the Java standard for building...

John Wagnon
Updated 4 months ago by John Wagnon
5 out of 5 stars

F5 has teamed up with OPSWAT to allow for comprehensive content analysis and sanitization. These capabilities include thorough malware scanning using over 30 leading anti-malware engines as well as Content Disarm and Reconstruction services...

John Wagnon
Updated 4 months ago by John Wagnon

The Apache Struts 2 framework is used extensively to build web applications.  This framework has also been the victim of several vulnerabilities that dramatically affect users all over the world...

Lior Rotkovtich
Updated 3 weeks ago by Lior Rotkovtich
5 out of 5 stars

With more and more bots traffic hitting web applications it has become a necessity to manage bots accessing web applications. To be able to manage bot access to your web application you must first be able to detect them and only then allow or deny

Steve Lyons
Updated 1 month ago by Steve Lyons
5 out of 5 stars

Not too long ago, a question in one of my tech talks came up regarding how F5 sync's ASM policies between devices that may not be apart of the same HA Pair. The question derived from experience with another vendor in which policies would not...

Steve Lyons
Updated 1 month ago by Steve Lyons
5 out of 5 stars

If you are not familiar with F5's IP Intelligence capability, it is an add-on service that integrates with both the Advanced Firewall Manager and Application Security Manager. Steve Lyons covers how IP Intelligence can help you.

Harsh Chawla
Updated 2 months ago by Harsh Chawla
5 out of 5 stars

Earlier this month (November 2018), RIPS Technologies blogged about a design flaw within WordPress that allows privilege escalation.  WordPress is one of the most commonly used Content Management System (CMS) and is used by over 32% of the...

John Wagnon
Updated 4 months ago by John Wagnon
5 out of 5 stars

F5 has teamed up with OPSWAT to allow for comprehensive content analysis and sanitization. These capabilities include thorough malware scanning using over 30 leading anti-malware engines as well as Content Disarm and Reconstruction services...

Gal Goldshtein
Updated 5 months ago by Gal Goldshtein
5 out of 5 stars

In the recent days, a new Apache Struts 2 Remote Code Execution vulnerability was announced (S2-057) and CVE-2018-11776 was allocated. At the moment, there is no public Proof of Concept exploit available. for a Struts 2 application to be...

Graham Alderson
Updated 5/9/2018 by Graham Alderson
5 out of 5 stars

Learn how to use the F5 Advanced Web Application Firewall to protect your credentials. Identities are the keys to our applications and criminals can steal them right from the browser. DataSafe protects the credentials at the most vulnerable point.

Graham Alderson
Updated 5/8/2018 by Graham Alderson
5 out of 5 stars

Learn how to use the F5 Advanced Web Application Firewall to easily implement Behavioral DoS protections for your application using dynamic signatures to reduce false positives and automate protection.

Graham Alderson
Updated 5/7/2018 by Graham Alderson
5 out of 5 stars

Learn how to use the F5 Advanced Web Application Firewall to easily lock down your applications so that bots can’t attack your mobile APIs. This video will show you the quick way to add anti-bot and other protections directly into your mobile app.

Chase Abbott
Updated 4/23/2018 by Chase Abbott
5 out of 5 stars

What happens when you cross a developer with a fitness instructor? You get BIG-IP Per App VE. DevCentral discusses the new per-App instance of BIG-IP providing LTM and WAF functionality wherever your applications reside.

Have a ASM Question or Discussion Topic?

Answers

HIGH Swap Memory Utilization
Updated 15 hours ago
By Fozail
0 votes
from based fields
Updated 3 days ago
By OM
0 votes
ASM transparent mode
Updated 3 days ago
By ELJM
0 votes