F5 ASM WAF Training

F5 ASM Training

Course Overview

In this course, you will learn how to deploy, tune, and operate BIG-IP Application Security Manager (ASM)  Web Application Firewall to protect your web applications from web-based attacks.

The course includes lecture, hands-on labs, and discussion about different F5 ASM components for detecting and mitigating threats from multiple attack vectors such Cross-Site-Scripting(XSS), SQL Injection (SQLi), web scraping, Layer 7 Denial of Service, brute force, botnets, code injection, and other zero day attacks.

What You Will Learn

  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures configuration and maintenance
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • ASM User roles
  • ASM Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Brute Force attack protection
  • Web scraping detection and mitigation
  • Layer 7 Denial Of Service (DoS) protection
  • Using iRules with ASM
  • XML and Web Services support in ASM Policies
  • AJAX and JSON support in ASM Policies

Who Should Attend

  • System administrators
  • Network administrators
  • Application developers
  • SOC Engineers
  • Individuals responsible for the protection of web applications fronted by F5 BIG-IP devices


  • F5 BIG-IP LTM Foundations course

Booking This Course

Please contact us. We can provide the bespoke training course curriculum and flexible delivery based upon your requirements