Orchestrated Web Application Vulnerability Remediation on F5 with AppViewX

Today’s complex web application technologies come with an increased risk of vulnerabilities, including potential failures due to cross-site scripting, buffer overflow, authentication failure, broken access control (authorization failure), cross-site request forgery, slow HTTP post, path-based vulnerability, and more.

To help address these risks, AppViewX provides a simple and secure orchestration solution to auto-remediate vulnerabilities on F5. You might ask: “What about the vulnerability scanners that we already have, like Qualys or Rapid7?” These scans indeed provide invaluable information, and AppViewX seamlessly accepts reports from these tools, in their proprietary formats, and incorporates them into the workflow that helps fix the vulnerabilities that the scans have discovered.

Intuitive UI

With AppViewX, SecOps engineers can upload a vulnerability report (like the XML file from Qualys) using a user-friendly form. AppViewX uses this input, including the F5 devices, virtual servers (applications), enforcement mode (transparent or blocking), and ASM policy name, to provision the ASM policy on F5.

Vulnerability reporting

AppViewX then analyses the XML Qualys report and sorts the vulnerabilities into categories: resolvable manually, resolvable automatically, or not resolvable.

Resolution reporting

AppViewX remediates the automatically resolvable vulnerabilities, as allowed by F5, and reports the results.

ASM Policy replication

If a problem is found on one F5 device, it needs to be fixed across all peer devices. The AppViewX workflow allows users to propagate the ASM policy to multiple F5 devices, fixing the vulnerability across the board.

AppViewX seamlessly integrates with multiple other vulnerability scanners to help secure the web application with minimal manual intervention. This approach can result in significant savings in labor, resources, and turnaround time.
