Do you need to secure your applications quickly from today’s threats such as those from automated agents, bots, and common vulnerabilities? Are you limited by time, resources, and knowledge of your web applications? Do you need protection against CVEs without thinking too deeply about them?
In this 1-day course, participants identify and mitigate common web application vulnerabilities on the client and application sides of the threat spectrum.
Participants use F5 Advanced WAF to quickly configure advanced protection against common Layer 7 vulnerabilities (OWASP Top Ten) and bot defense.
This course is intended for users who wish to rapidly deploy a basic web application security policy with minimal configuration.
- Differentiating between client-side and application-side web vulnerabilities
- Categorizing Attack Techniques
- Use the Guided Configuration to deploy a Web Application Security Policy
- Defining the key parts of a Web Application Security Policy
- Understanding request logging options
- Identifying HTTP headers and methods
- Defining attack signatures, attack signature staging, and violations
- Overview of the OWASP Top Ten
- Review learning suggestions and basic policy tuning
- Deploy Threat Campaign
- Mitigate Credentials Stuffing
- Secure a URL from client-side fraud using DataSafe encryption and obfuscation
- Use the automated L7 Behavioral Denial of Service feature to detect and mitigate DoS attacks