
ASM protection against SSRF

Anyone have experience in virtually patching an application vulnerable to SSRF (server-side request forgery) protected by ASM? If so, how did you configure ASM policy? Whitelist all allowed URLs?

0

Answers to this Question

USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

F5 ASM can provide SSRF protection in many ways including response signatures, parameter type enforcement and whitelisting.

First of all you should find out:

  • which URLs of the application are vulnerable to SSRF
  • what the successful SSRF attack URL looks like and what is the 'good usage' URL

I assume you can get this from the pen-test report. Once you have this information, it will become clearer what ASM policy changes you need to protect the application.

0
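The whitelisting approach from the answer above, modelled as an added Python example; it is not part of the original post and is not F5 ASM configuration. The path `/fetch`, the parameter `url` and the hosts are hypothetical stand-ins for what a pen-test report would identify as the vulnerable URL and its 'good usage' values.

```python
import ipaddress
from urllib.parse import parse_qs, urlsplit

# Constructed policy (hypothetical path, parameter and hosts): the URL and
# parameter the pen-test report flags, plus the hosts seen in 'good usage'.
POLICY = {"/fetch": {"url": {"images.example.com", "cdn.example.com"}}}
ALLOWED_SCHEMES = {"http", "https"}


def check_value(value, allowed_hosts):
    """Positive-security check for one URL-valued parameter."""
    try:
        target = urlsplit(value)
        host, _port = target.hostname, target.port  # .port raises on junk
    except ValueError:
        return False, "unparseable URL"
    if target.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    if target.username is not None or target.password is not None:
        return False, "userinfo not allowed"
    if not host:
        return False, "no host"
    try:
        ipaddress.ip_address(host)
        return False, "IP literal not allowed"
    except ValueError:
        pass  # not an IP literal, so compare it as a hostname
    if host.rstrip(".") not in allowed_hosts:
        return False, "host not in allow-list"
    return True, "ok"


def check_request(request_url, policy=POLICY):
    """Return (allowed, reason) for a request line's path and query."""
    parts = urlsplit(request_url)
    rules = policy.get(parts.path)
    if rules is None:
        return True, "path not covered by policy"
    params = parse_qs(parts.query, keep_blank_values=True)
    for name, allowed_hosts in rules.items():
        # Check every occurrence: a repeated parameter must not slip through.
        for value in params.get(name, []):
            ok, reason = check_value(value, allowed_hosts)
            if not ok:
                return False, f"{name}: {reason}"
    return True, "ok"
```

The check compares the parsed host rather than matching a string prefix, so a value that merely starts with an allowed hostname is still rejected.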