F5 ASM Essential Plan - API Support
- Home
- Subscription Service
- F5 ASM Essential Plan - API Support
Service Introduction
The Essential API plan protects your core API endpoints using basic profile tuning, enforced JSON/XML formats, and structured signature updates. It includes key security features such as hostname restrictions, illegal response handling, and basic rate-limiting. Suited for APIs with stable payloads and predictable consumer behavior, this plan provides baseline defense without overcomplicating your dev process — perfect for startups, internal APIs, or low-risk public integrations.
HTML Basic (Single Policy)£2500 / HTML Website / Web Application / Yearly |
HTML Basic
|
OWASP Coverage |
|---|---|---|
Monthly Reports and Analytics |
Monthly
|
|
Learning Sugggestion Review |
Monthly
|
|
Events Logs / Correlation Reviews and Reports |
Monthly
|
|
Attack Signatures Updates (Including staging reviewing) - All Scopes |
Monthly
|
|
File Type Entites |
Compact / Selective
|
|
URLs / Endpoints |
Never / Compact
|
|
URL (Allowed / Disallowed) |
Selective / Always
|
|
Parameter Reviews |
Selective / Always
|
|
Cookie Security (Allowed / Inforced) - ASM Cookie Protection |
Selective / Always
|
|
Evasion Techniques (Detecting and Tuning) |
Selective / Always
|
|
Challanges Solved
Web application firewalls often give a false sense of security. Without regular tuning, policies become stale, missing new evasion techniques and generating noisy false positives that frustrate users and devs alike. Parameters go unvalidated, bot activity slips through, and outdated file or URL controls quietly introduce risk. Many businesses don’t realise that 'default protection' leaves critical gaps, especially as their app evolves with new features, endpoints, or third-party integrations.