July 12, 2022
Ruleset | Policy | Description of Update | Previous Action | New Action |
---|---|---|---|---|
WAF & OWASP Top Threats | XSS Attack | This policy has been updated to improve protection against additional attack vectors | Block | Block |
Behavioral WAF | Probing and Forced Browsing | This policy has been updated to detect malicious TLS fingerprinting | Composite | Composite |
Anti-Automation & Bot Protection | Automated Clients | This policy has been updated to detect malicious TLS fingerprinting | Composite | Composite |
Protocol Validation | Prevent Malformed Request Methods | Introducing a new policy that enforces HTTP RFC requirements that state how the client must send a request method | NA | Block |
WAF & OWASP Top Threats | Code Injection | This policy now covers additional Java, PHP, Ruby, Python, Linux, and Windows injection attacks | Block | Block |