The container in this repository is a collection of policies, guides, scripts and audit tools to help you succeed with application security.
Based on the following article: https://support.f5.com/csp/article/K07359270
To gather the configuration and stats from an F5 BIG-IP (which you have management access to), run:
docker run -it --rm -v /path/to/local/folder:/home/user/ artioml/f5-app-sec gather_statsThis will create a file named BIG-Stats.zip in the local directory you mounted into the container (/path/to/local/folder).
To start the actual web app, run:
docker run -dit --rm -p 443:8443 artioml/f5-app-secGood WAF Security, Getting started with ASM:
https://clouddocs.f5.com/training/community/waf/html/class3/class3.html
Elevating ASM Protection:
https://clouddocs.f5.com/training/community/waf/html/class4/class4.html
High and Maximum Security:
https://clouddocs.f5.com/training/community/waf/html/class5/class5.html
WAF Programmability:
https://clouddocs.f5.com/training/community/waf/html/class6/class6.html
-
F5 Hardening script
-
ASM Policies Audit Tool
-
ASM YouTube Videos
-
ASM Word Doc to RtD
-
Upload actual ASM policies for each level
-
WAF Questionnaire
-
ASM Operations Guide
-
2018 Application Protection Report
-
F5 University ASM training (for Partners)
-
Super-NetOps (Class3?)