Compare Our Subscription Packages
- Home
- Subscription Service
- Compare Our Packages
Introduction to wafy.io F5 ASM Managed Packages
We offer 6 main packages for our customers. These are 3 for HTML Web Applications and 3 for API applications. The F5 ASM Policies are build differentlyF5 ASM - API Subscription Packages
We offer 3 F5 ASM subscription packages, as a policy managed service, including Signature Updates, CVE Handelling, Learning Suggestion Analysis, Endpoint Configuration (Methods / Data Objects / Schemas and Validations)
F5 ASM Essential Plan - API Support
The Essential API plan protects your core API endpoints using basic profile tuning, enforced JSON/XML formats, and structured signature updates. It includes key security features such as hostname restrictions, illegal response handling, and basic rate-limiting. Suited for APIs with stable payloads and predictable consumer behavior, this plan provides baseline defense without overcomplicating your dev process — perfect for startups, internal APIs, or low-risk public integrations.
F5 ASM Advanced Plan - API Support
The Advanced API plan enhances security for growing or business-critical APIs. Building on the Essential plan, it adds entity tightening, dynamic parameter validation, and more frequent signature updates. With increased review frequency and proactive tuning, this plan is ideal for APIs with moderate complexity, higher exposure, or evolving usage patterns—giving your team confidence to scale securely without sacrificing agility.
F5 ASM Enterprise Plan - API Support
The Enterprise API plan delivers full-spectrum protection for high-risk, high-volume APIs. It includes custom threat profiling, CVE-based virtual patching, entity-based anomaly detection, and aggressive evasion blocking. Designed for mission-critical APIs, this plan ensures your most exposed interfaces stay resilient, compliant, and aligned with the latest OWASP and zero-day security practices—trusted by large enterprises with complex security needs.
F5 ASM - HTML/WEB Subscription Packages
F5 ASM Essential Plan - HTML / Website
The Essential HTML plan provides baseline protection for web applications by maintaining ASM signatures, enforcing basic compliance, and monitoring attack trends. With a 6-week review cycle, it suits organisations running relatively static websites or apps that require dependable WAF protection but minimal policy changes. You get core features like protocol enforcement, illegal response blocking, and basic parameter handling, ensuring your apps stay covered against OWASP Top 10 risks without needing constant admin input.
F5 ASM Advanced Plan - HTML / Website
The Enterprise HTML plan is our most comprehensive offering, with weekly or continuous tuning, full forensic support, and direct integration into your incident response and compliance processes. It includes everything from bot and evasion handling to OWASP custom hardening, file type protection, and integration with logging/SIEM platforms. This plan is ideal for regulated industries, finance, and high-traffic applications where downtime, false positives, or missed attacks come with high risk or regulatory exposure.
F5 ASM Enterprise Plan - HTML / Website
The Advanced HTML plan builds on the essentials by offering more frequent tuning (every 3 weeks), custom cookie and bot defense handling, and tighter controls over sensitive inputs and endpoints. It’s built for businesses running actively developed applications that change often, where parameter tuning, advanced cookie security, and input validation are necessary to reduce false positives while still catching real threats. This level includes structured entity handling, signature updates, and multi-URL policy scope, with selective implementation of complex methods and controls.