BIG-IP Application Security Manager (ASM) enables organizations to protect against OWASP top 10 threats, application vulnerabilities, and zero-day attacks. Leading Layer 7 DDoS defenses, advanced detection and mitigation techniques, dynamic learning, virtual patching, and granular attack visibility thwart even the most complex threats before they reach your servers.
BIG-IP ASM also enables compliance with key regulatory standards like FFIEC, HIPAA and PCI-DSS.
With BIG-IP ASM, organizations gain the flexibility they need to deploy Web Application Firewall (WAF) services close to apps to protect apps wherever they reside, -- within a virtual SDDC, managed cloud service environment, public cloud, and the data center.
BIG-IP ASM simplifies policy creation, so you can rapidly deploy a WAF, ensuring robust security immediately. It also adapts policies with automatic learning to protect against evolving threats hiding within (or targeting) http, https, and WebSocket traffic.
Get detailed visibility into policy violations, potential severity of the attack, and impact on servers. BIG-IP ASM also uses attack intelligence and reporting to identify increasingly sophisticated threats as they evolve.
BIG-IP ASM integrates with third-party dynamic application security testing (DAST) tools to uncover and patch vulnerabilities and unauthorized web changes before code fixes are available.
Ensure application availability even when under attack and dynamically boost performance with application optimization and acceleration.
Detects and mitigates application attacks including DOS/DDOS, brute force, SQL injection, cross-site scripting, remote file inclusion, cookie poisoning and session hijacking.
Tracks the unique device id for every visitor across multiple IPs, sessions, and through evasive actions for increased precision in blocking bad actors.
Identifies malicious bots that bypass standard detection methods and mitigates threats with greater precision, before they begin.
Associating the application username with violations, BIG-IP ASM provides in-depth blocking plus improved understanding of attack.
Prevents leakage of sensitive data (credit card information, Social Security numbers) by stripping out the data and masking the information.
Automatically correlates multiple attacks into a single incident for better visibility and easier management.
Application Security Manager integrates with a range of vulnerability scanners—including WhiteHat Sentinel, Trustwave App Scanner, IBM Rational AppScan, and QualysGuard Web Application Scanning—to give you the most advanced application assessment and threat protection. This combined solution helps you secure all your applications—and save on costly vulnerability repairs.
"Security today is everything, and BIG-IP LTM, APM, and ASM give us the web application firewall, redundancy, and secure authentication we need."
–Davin Miller, Senior Technical Services Lead Analyst for Pekin Insurance
Read the Case Study
NSS Labs recommends BIG-IP Application Security Manager as a web application firewall based on tests that demonstrate 99.89% overall security effectiveness with minimal false positives (.124%) as compared with competitors.
Get the Product Analysis Report
John Wagnon | 3 months ago
Web Application Firewalls (WAFs) are extremely popular today, and they provide critical protection for web applications. But some experts have recently postulated that WAFs are not really as effective as many people think they are. One...
John Wagnon | 5 months ago
We are always interested in security at F5, but this month we are taking it a step further and highlighting lots of great security content on DevCentral. From discussing new features on our Advanced Firewall Manager, to showing off some OWASP Top 10 vulnerability mitigation options, to showcasing our new Silverline Cloud-Based application services platform, to featuring several partner integration options, the month of February on DevCentral will not disappoint!
The threat is global, and it’s time to reposition your defenses to meet the enemy where they are. Many companies can’t afford the cost of hiring a specialized team of security experts to protect their very important business applications…but neither can they afford to let those applications fall prey to an attack...
Jason Rahm | 5 months ago
Yesterday John showed you how BIG-IP Application Security Firewall can mitigate injection attacks. Today, we’ll cover number three on the list in cross-site scripting. XSS Scripting defined directly from the OWASP XSS page:
OWASP lists “injection” attacks as the number one security flaw on the Internet today. In fact, injection attacks have made the OWASP top ten list for the past 12 years and have been listed as the number one attack for the past 6...
Silverline Web Application Firewall (WAF) is built on BIG-IP ASM, but provided via F5’s Silverline cloud-based application services platform and wholly deployed, set up, and managed by the highly specialized experts in our Security Operations Center (SOC).
Read the Datasheet
Explore the F5 Silverline Cloud-Based Application Services Platform