Detections
Analytics

Revision 1.5

Dec 19, 2019
Informational Update
  • F5BI-AS-000031 - The BIG-IP ASM must ensure inbound traffic is monitored for compliance with remote access security policies.
  • F5BI-AS-000039 - The BIG-IP ASM must produce ASM Event Logs containing information to establish what type of unauthorized events occurred.
  • F5BI-AS-000109 - The BIG-IP ASM must update malicious code protection mechanisms and signature definitions.
  • F5BI-AS-000119 - The BIG-IP ASM must automatically update malicious code protection mechanisms when providing filtering to virtual servers.
  • F5BI-AS-000157 - The BIG-IP ASM must prevent code injection attacks from being launched against data storage objects.
  • F5BI-AS-000159 - The BIG-IP ASM must prevent code injection attacks launched against application objects.
  • F5BI-AS-000161 - The BIG-IP ASM must prevent SQL injection attacks launched against data storage objects.
  • F5BI-AS-000163 - The BIG-IP ASM must detect code injection attacks from being launched against data storage objects.
  • F5BI-AS-000165 - The BIG-IP ASM must detect SQL injection attacks launched against data storage objects.
  • F5BI-AS-000167 - The BIG-IP ASM must detect code injection attacks launched against application objects including.
  • F5BI-AS-000229 - The BIG-IP ASM must handle invalid inputs in a predictable and documented manner that reflects org. and system objectives.
  • F5BI-AS-000239 - The BIG-IP ASM must continuously monitor inbound communications traffic crossing internal security boundaries.
  • F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization.
Miscellaneous
  • Platform check updated.
Added
  • DISA_F5_BIG-IP_ASM_11_V1R1.audit from DISA F5 BIG-IP Application Security Manager 11.x STIG