TƯỜNG LỬA CHO ỨNG DỤNG
A WEB APPLICATION FIREWALL THAT GUARDS YOUR CRITICAL APPS
BIG-IP Application Security Manager (ASM) enables organizations to protect against OWASP top 10 threats, application vulnerabilities, and zero-day attacks. Leading Layer 7 DDoS defenses, detection and mitigation techniques, virtual patching, and granular attack visibility thwart even the most sophisticated threats before they reach your servers.
BIG-IP ASM also enables compliance with key regulatory standards like HIPAA and PCI DSS.
With BIG-IP ASM, organizations gain the flexibility they need to deploy Web Application Firewall (WAF) services close to apps to protect them wherever they reside—within a virtual software-defined data center (SDDC), managed cloud service environment, public cloud, or traditional data center.
F5 Silverline Web Application Firewall (WAF) is built on BIG-IP ASM, but provided via F5’s Silverline cloud-based application services platform and wholly deployed, set up, and managed by the highly specialized experts in our Security Operations Center (SOC).
More Effective Security Out-of-the-Box: BIG-IP ASM simplifies policy creation, so you can deploy a WAF with security policies that immediately address common attacks on web applications, including http and https attacks.
Detailed Application Visibility and Reporting: Get detailed visibility into policy violations, potential severity of the attack, and impact on servers.BIG-IP ASM also uses attack intelligence and reporting to identify increasingly sophisticated threats as they evolve.
Rapid Vulnerability Patching: BIG-IP ASM integrates with third-party dynamic application security testing (DAST) tools to uncover and patch vulnerabilities and unauthorized web changes before code fixes are available.
Industry-Leading Scale and Performance: Ensure application availability even when under attack and dynamically boost performance with application optimization and acceleration technologies like fast caching, compression, SSL offloading, and TCP optimization.
Layer 7 Attack Protections: Detects and mitigates various application attacks including DOS/DDOS, brute force, OWASP top 10 attacks and more
Advanced Enforcement: Secures all parameters from client-side manipulation and validates log-on parameters and application flows.
Effective Bot Defense: Differentiating between humans and bots, BIG-IP ASM protects against automated requests and those exhibiting unusual behavior.
Application Awareness: Associating the application username with violations, BIG-IP ASM provides in-depth blocking plus improved understanding of the attack.
Data Protection and Cloaking: Prevents leakage of sensitive data (credit card info, Social Security numbers) by stripping out the data and masking the information.
Violation Correlation and Incident Grouping: Automatically correlates multiple attacks into a single incident for better visibility and easier management.