F5 AWAF - Preventing Session Hijacking
I would like to share with you two videos where we can watch how to configure session hijacking protection with F5 BIG-IP Advanced WAF (formerly ASM). I think these two videos explain really well what a session hijacking attack is, thanks to the Hackazon virtual machine, and how to enable session hijacking protection in F5 AWAF. The first video shows how to block a modified domain cookie, while the second one shows how to block a modified ASM cookie.
What’s more, F5 recently acquired Shape Security and Volterra to sell SaaS security services. As a result, F5 has created a new feature called Device ID+, which is similar to Device ID, but the new one is delivered from the cloud and uses machine learning to assign a unique identifier to each device visiting the web site. All customers have access to this service for free for up to 20 million devices. Therefore, we should take into account that Device ID+ is not the same as Device ID. However, Device ID does the same as “client fingerprinting”, which is also used for Bot Defense, Brute Force Protection and Web Scraping.
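To make the two protections discussed above concrete (blocking a modified session cookie, and tying a session to a client fingerprint so that a stolen cookie presented by a different device is rejected), here is a small Python illustration. It is an added example written for this post and is not F5's code or a description of how AWAF or Device ID work internally: the HMAC-signed cookie, the `SessionStore` class, the header-based `client_fingerprint()` helper and the secret key are all constructed assumptions for demonstration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed demo key (assumption); a real deployment loads this from a key store.
SECRET_KEY = b"constructed-demo-key-not-for-production"


def sign_cookie(value: str) -> str:
    """Append an HMAC-SHA256 tag so any change to the cookie value is detectable."""
    tag = hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}.{tag}"


def verify_cookie(cookie: str) -> Optional[str]:
    """Return the original value when the tag is valid; None means the cookie was modified."""
    value, sep, tag = cookie.rpartition(".")
    if not sep:  # tag stripped entirely
        return None
    expected = hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None
    return value


def client_fingerprint(headers: dict) -> str:
    """Constructed stand-in for client fingerprinting: hash a few stable request attributes."""
    parts = [
        headers.get("User-Agent", ""),
        headers.get("Accept-Language", ""),
        headers.get("Accept-Encoding", ""),
    ]
    return hashlib.sha256("|".join(parts).encode()).hexdigest()[:16]


class SessionStore:
    """Maps session ids to the fingerprint of the client that created them."""

    def __init__(self) -> None:
        self._sessions: dict[str, str] = {}

    def create(self, headers: dict) -> str:
        sid = secrets.token_hex(16)
        self._sessions[sid] = client_fingerprint(headers)
        return sign_cookie(sid)

    def check(self, cookie: str, headers: dict) -> str:
        """Decide whether a request carrying `cookie` from a client with `headers` is allowed."""
        sid = verify_cookie(cookie)
        if sid is None:
            return "BLOCK: modified cookie"
        fp = self._sessions.get(sid)
        if fp is None:
            return "BLOCK: unknown session"
        if fp != client_fingerprint(headers):
            return "BLOCK: cookie presented from a different client (possible hijack)"
        return "ALLOW"


if __name__ == "__main__":
    store = SessionStore()
    alice = {"User-Agent": "Mozilla/5.0 (constructed)", "Accept-Language": "en-US",
             "Accept-Encoding": "gzip"}
    other = {"User-Agent": "curl/8.0 (constructed)", "Accept-Language": "es-ES",
             "Accept-Encoding": "gzip"}
    cookie = store.create(alice)
    print(store.check(cookie, alice))          # ALLOW
    print(store.check(cookie + "x", alice))    # BLOCK: modified cookie
    print(store.check(cookie, other))          # BLOCK: ... possible hijack
```

The first check models the "modified cookie" case from the videos: any edit to the signed value fails HMAC verification. The third check models the fingerprint-binding idea behind Device ID: the cookie is intact, but it arrives from a client whose attributes differ from the one that created the session, which is exactly the signal a session hijacking protection looks for.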
Regards my friends! Do you have session hijacking vulnerabilities?