F5 BIG-IP CORS – What is it, and how to enable

Cross Origin Resource Sharing (CORS) is a mechanism that allows your system to access resources from a different domain than the domain the original request was made to. By default, you can’t support F5 BIG-IP CORS requests directly to its management application. This includes the REST api. It’s a bit of a tricky functionality as it is prone to abuse if not properly implemented. Continue reading “F5 BIG-IP CORS – What is it, and how to enable”

What is a WAF and why should I have one?

This is a question I get all the time… What is a WAF? Since I maintain our WAF for my job, I usually need to educate and convince co-workers, management, application owners about why and how we should deploy our WAF. Let’s start with the objections I usually run into, and why you still should have a WAF, and then dig a bit deeper into what a WAF is really doing.

Myth 1: I have a firewall, I don’t need a WAF!

Continue reading “What is a WAF and why should I have one?”