security

Security is central to everything we do—from stopping DDoS attacks before they hit your servers to protecting your applications. Whether you want to go deeper into SSL profiles, understand security-specific iRules, or brush up on current security topics, here’s where you’ll find the latest, most relevant information.

Articles

John Wagnon
Updated 1 week ago by John Wagnon
5 out of 5 stars

For some web applications, you need a separate network firewall policy for users from different geographic locations.  Using the power of iRules and VIP-targeting-VIP solutions, you can dynamically select an AFM policy based on source IP geolocation.

Michael J
Updated 1 week ago by Michael J
5 out of 5 stars

Nessus 6 XSLT Conversion for ASM Generic Scanner Schema Import

Gal Goldshtein
Updated 2 weeks ago by Gal Goldshtein
5 out of 5 stars

In recent days, another 0-day remote code execution vulnerability in Apache Struts 2 has been published (CVE-2017-12611). This time the vulnerability’s root cause does not stem from a bug in the Struts 2 framework, but a feature of the...

Gal Goldshtein
Updated 2 weeks ago by Gal Goldshtein
5 out of 5 stars

In recent days, a new critical Apache Struts 2 vulnerability was announced which allows remote attackers to execute arbitrary commands on the server. The original post (S2-052) has not published exploit details yet, most probably to allow...

Pascal Tene
Updated 2 weeks ago by Pascal Tene

Part 3: Headers to remove. Server and X-Powered-By headers: should be removed or changed. These are added by default by some web servers such as Apache, nginx, Express,… Example:...

John Wagnon
Updated 3 weeks ago by John Wagnon
5 out of 5 stars

Many of us use Wireshark to capture and analyze network traffic.  When it comes to SSL/TLS traffic, Wireshark does a great job of showing the cipher suites presented by the client and then the cipher suite chosen by the server in a given...

Nir Zigler
Updated 3 weeks ago by Nir Zigler

Object serialization has always been a tricky subject. Using serialization as a design pattern can always lead to catastrophic consequences such as remote code execution when user input isn't properly validated.

Peter Silva
Updated 3 weeks ago by Peter Silva

Today let’s look at how to create and deploy an auto-scaled BIG-IP Virtual Edition Web Application Firewall by using a Cloud Formation Template (CFT) in AWS. CFTs are simply a quick way to spin up solutions that otherwise, you may have to create...

Pascal Tene
Updated 3 weeks ago by Pascal Tene
5 out of 5 stars

This is the second part of this article, which provides guidelines for tightening the security of HTTP traffic by leveraging the power of F5 BIG-IP and iRules to include the latest HTTP security headers in all HTTP responses.

Peter Silva
Updated 1 month ago by Peter Silva
5 out of 5 stars

In this Lightboard Lesson, I light up some use cases for BIG-IP ASM Layered Policies available in BIG-IP v13. With Parent and Child policies, you can: Impose mandatory policy elements on multiple policies; Create multiple policies with baseline...

John Wagnon
Updated 1 month ago by John Wagnon
5 out of 5 stars

We spend lots of money on defensive security systems to maintain our privacy, but then we purchase a mobile sensor that can gobble up tons of information about us...

Pascal Tene
Updated 1 month ago by Pascal Tene
5 out of 5 stars

In this article, I will give an overview of some important headers that can be added to HTTP responses in order to improve the security of web applications.

Graham
Updated 1 month ago by Graham
5 out of 5 stars

With the new Office 365 sign-in experience you can capture the username entered at the O365 login page so users don't need to enter it twice!

Peter Silva
Updated 2 months ago by Peter Silva
5 out of 5 stars

In this Lightboard Lesson, I describe how F5 Silverline Cloud-based Platform can help mitigate DDoS and other application attacks both on-prem and in the cloud with the Hybrid Signaling iApp. Learn how both on-premises and the cloud can work...
