F5
Configuring F5 Advanced WAF
formerly ASM, Application Security Manager
About this course
Advanced WAF protects web applications from the threats that target them directly, from the OWASP Top 10 through targeted, automated, and layer-7 attacks. This course builds the skill to deploy and tune application security policies: understanding how the WAF inspects traffic, building positive and negative security models, handling false positives, and protecting against attacks such as injection, cross-site scripting, and credential abuse. It covers learning and policy building, attack signatures, bot defense, and DoS protection at the application layer, so students leave able to secure real applications without breaking them.
First step toward the F5 Certified Technology Specialist, WAF track.
Table of contents
- 01Setting up the BIG-IP system
- 02Traffic processing with BIG-IP and Advanced WAF
- 03Web application concepts and vulnerabilities
- 04Security policy deployment
- 05Policy tuning and false-positive handling
- 06Attack signatures and the signature lifecycle
- 07Positive security and policy building
- 08Securing cookies and other objects
- 09Bot defense and proactive mitigation
- 10Layer-7 DoS protection
A detailed day-by-day agenda will be added from the official course datasheet.