Configuring BIG-IP ASM: Application Security Manager
The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.
Duration: 25hrs
Course Content:
- Provisioning ASM
- Traffic processing with BIG-IP Local Traffic Manager (LTM)
- Web application concepts
- Web application vulnerabilities
- Security policy deployment
- Security policy tuning
- Attack signatures
- Positive security building
- Securing cookies and other headers
- Reporting and logging
- Policy Diff, merging, and exporting
- Advanced parameter handling
- Using application templates
- Using Automatic Policy Builder
- Integrating with web vulnerability scanners
- Login enforcement
- Brute force mitigation
- Session tracking
- Web scraping detection and mitigation
- Geolocation Enforcement and IP Address Exceptions
- Using Parent and Child policies
- Layer 7 DoS protection
- ASM and iRules
- Using Content Profiles for AJAX and JSON applications
- NEW — Advanced Bot Detection and Defense
- NEW — Proactive Bot Defense
- NEW — Simple Edit Mode for Attack Signatures