January 25, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Allow Known BotsLivedoor Japan botLivedoor bot detection has been improvedAllowAllow

January 18, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsXSS AttackHTML injection attack vectors were added to this policyBlockBlock
WAF & OWASP Top ThreatsCode InjectionPolicy's detection of command injection attacks was improvedBlockBlock
WAF & OWASP Top ThreatsWeb Shell Execution AttemptThe policy now covers additional PHP execution methodsBlockBlock
Behavioral WAF (advanced threat protection)Obfuscated Attacks and Zero-Day MitigationImproved the detection of injection attempts for this policyBlockBlock

January 11, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsCode InjectionThe policy is now covering additional variations of log4j vulnerabilityBlockBlock

January 04, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsShell InjectionThis policy has been improved to mitigate Out-of-Band Data Exfiltration methodsBlockBlock

December 28, 2021

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Anti-Automation & Bot ProtectionAutomated ClientsIdentification of clients that constantly change sessions has been improvedVaries (handshake, CAPTCHA, block)Varies (handshake, CAPTCHA, block)

December 14, 2021

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Behavioral WAFAnti-SpamNew rule was added to the policy to block convicted form abusers.NABlock
WAP & OWASP Top ThreatsCode InjectionNew rules were added to the policy to enhance existing coverage for lLog4j/Log4Shell vulnerability.BlockBlock

December 07, 2021

RulesetPolicyDescription of UpdatePrevious ActionNew Action
IP ReputationExternal Reputation Block ListAdded additional external reputation block list as input to this policyHandshakeHandshake

November 30, 2021

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAP & OWASP Top ThreatsLocal File InclusionThis policy has been updated to improve mitigation of XML injections.BlockBlock

November 16, 2021

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsCode InjectionThe detection of reverse shell attacks was improved.BlockBlock

November 9, 2021

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Traffic SourcesTraffic Via Proxy NetworksThis policy has been update to cover additional cloud service providers.JS ValidationJS Validation