Services include working remotely to provide AWAF (ASM) security policy creation, optimization, and enforcement, OWASP Top 10 protection, and daily care and feeding of your ASM deployment.
What I can do for you:
Create an initial assessment report
Create API policies
Create baseline policy templates
Create layered parent/child policies
Create local traffic policies for specific use cases
Create stabilized policies including tuning and enforcement
Custom attack signatures
Optimize logging
Policy backup
Update attack signatures
Update geo-database
Additional features:
Bot protection
Brute force protection
Credential stuffing (additional license required)
CSRF protection
Data guard
Data safe
DDoS protection
IP Intelligence (additional license required)
OWASP compliance report
Session tracking
Deliverables:
Initial assessment report
Inventory/Tracking spreadsheet
Runbooks for common tasks
Secure, stabilized policies
I can build your security policies from scratch or evaluate your existing F5 ASM environment and optimize as necessary. In a nutshell, I can provide basic to advanced protection for your web applications regardless of complexity. F5 ASM can provide remediation for OWASP and PCI DSS compliance issues.
Once your ASM deployment is stable, I can keep an eye on your event logs, watch for false positives, and create charts and reports on malicious traffic attempting to access your site.
