July 26, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Allow Known BotsSmart Plugin Manager BotThe Smart Plugin Manager bot has been added to the Known Bots rulesetNAAllow

July 19, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Anti-Automation & Bot ProtectionForced Browser Validation on Traffic AnomaliesThis policy has been updated to detect clients who preset invalid extensions stringCompositeComposite
Protocol ValidationPrevent Malformed Request MethodsThis policy has been updated to detect illegal empty Accept header requestsBlockBlock
Protocol ValidationPrevent Malformed Request MethodsThis policy has been updated to detect Unicode full/half-width abuseBlockBlock
Protocol ValidationPrevent Malformed Request MethodsThis policy has been updated to detect malformed URL which uses encoding to obfuscate payloads and bypass input validation in the requestBlockBlock

July 12, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsXSS AttackThis policy has been updated to improve protection against additional attack vectorsBlockBlock
Behavioral WAFProbing and Forced BrowsingThis policy has been updated to detect malicious TLS fingerprintingCompositeComposite
Anti-Automation & Bot ProtectionAutomated ClientsThis policy has been updated to detect malicious TLS fingerprintingCompositeComposite
Protocol ValidationPrevent Malformed Request MethodsIntroducing a new policy that enforces HTTP RFC requirements that state how the client must send a request methodNABlock
WAF & OWASP Top ThreatsCode InjectionThis policy now covers additional Java, PHP, Ruby, Python, Linux, and Windows injection attacksBlockBlock

July 05, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsCode InjectionThe policy is now covering more Spring4Shell vulnerabilitiesBlockBlock
WAF & OWASP Top ThreatsCode InjectionThis policy now covers additional Java, PHP, Ruby, Python, Linux, and Windows injection attacksBlockBlock

June 28, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsSQL InjectionThis policy has been updated to improve the detection of additional SQL injectionsBlockBlock
WAF & OWASP Top ThreatsServer-Side Template InjectionThis policy has been updated to improve the detection of additional server-side templates injectionsBlockBlock
WAF & OWASP Top ThreatsCode InjectionThis policy has been updated to cover additional remote command execution methodsBlockBlock

June 21, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Allow Known BotsGoogle Cloud Monitoring botGoogle Cloud Monitoring bot was added to the Known Bots rulesetN/AAllow

June 07, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsSQL InjectionThis policy has been updated to improve the detection of SQL comment sequencesBlockBlock
Protocol ValidationService Protocol ValidationIntroducing this new policy that will block clients attempting to interfere with service internal callsNABlock
WAF & OWASP Top ThreatsCode InjectionThis policy now blocks exploit attempts for VMWare Workspace ONE Auth Bypass Exploit (CVE-2022-22972)BlockBlock

May 31, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsShell InjectionThe policy now covers additional remote command execution methodsBlockBlock
Allow Known BotsPetal botPetal bot was added to the Known Bots rulesetN/AAllow

May 24, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
Allow Known BotsSiteimprove botSiteimprove bot was added to the Known Bots rulesetN/AAllow

May 17, 2022

RulesetPolicyDescription of UpdatePrevious ActionNew Action
WAF & OWASP Top ThreatsXSS AttackThis policy has been updated to improve protection against additional attack vectors and to reduce the false-positive rateBlockBlock
WAF & OWASP Top ThreatsShell InjectionThis policy has been improved to reduce the false-positive rateBlockBlock
WAF & OWASP Top ThreatsCommon Web Application VulnerabilitiesThis policy has been improved to reduce the false-positive rateBlockBlock