Forum Discussion
samstep
Nov 03, 2018Cirrocumulus
ASM only protects the server side (requests which made it from user's browser to F5). If a user types a password/credit card in their browsers and doesn't click Submit button there is no way ASM can protect it as this password has not reached ASM yet.
If you want to protect the client side from man-in-the-browser malware you need WebSafe and Advanced WAF