AI Assistant for WAAP

Published April 5, 2023 | Last modified February 19, 2025

Objective

This document discusses how artificial intelligence (AI) is used to support and enhance the Web App & API Protection (WAAP) workspace.

F5® Distributed Cloud Services provides the WAAP workspace to help you mitigate application threats and vulnerabilities across multi-cloud and edge environments. WAAP provides a number of security related features including a web application firewall (WAF), DDoS mitigation, bot defense, API security, and Client-side defense.

Currently, AI is used to help you understand certain security related incidents through the AI Assistant. Using the WAAP UI, you can ask the AI Assistant to explain something, and it will look into the issue and provide an analysis, possible follow-up actions, and more details on the incident.

You can also ask the AI Assistant questions to get more information or other information. Currently, the AI Assistant has limited capabilities; however, the system is continuously evolving to cover a broader range of inquiries.

Prerequisites

A Distributed Cloud Services Account. If you do not have an account, see Create an Account.

Invoke the AI Assistant

Figure: AI Assistant Orb

Figure: AI Assistant Orb

Log into the Console and notice the multi-colored orb in the upper right. Click the AI Assistant orb to display the AI Assistant window.

Using the three buttons in the upper right, you can

  • Dock or undock the Ai Assistant.
  • Switch between large and small AI Assistant windows.
  • Hide the AI Assistant.

The AI Assistant will remember your choices and use them for the next invocation.

The AI Assistant will also be displayed

Explain a Security Event

Security events are shown on the WAAP Security Overview page under Security Analytics.

Figure: Security Analytics Page

Figure: Security Analytics Page

Explain a Security Event.

  • Log into the Console and Select the Web App & API Protection service.

  • Navigate to Overview > Security and select the Security Analytics tab.

  • Set the Events | Incidents selector above the graph to Events.

  • Find the event you want to analyze in the events list at the bottom of the page. You may find it helpful to change the time period above the graph on the right.

  • For the event in question, click ... > Explain with AI.

Figure: Security Analytics AI Assistant Explanation

Figure: Security Analytics AI Assistant Explanation

You are now using the AI assistant, and it is showing the results of your implied question.

Explain a Request

Requests are shown on the WAAP Performance Overview page under Requests.

Figure: Performance Requests Page

Figure: Performance Requests Page

Explain a Request.

  • Log into the Console and Select the Web App & API Protection service.

  • Navigate to Overview > Performance and select the Requests tab.

  • Find the request you want to analyze in the request list at the bottom of the page. You may find it helpful to change the time period above the graph on the right and/or use the Search field to narrow the list of requests in the table.

  • For the request in question, click ... > Explain with AI.

Figure: Performance Requests AI Assistant Explanation

Figure: Performance Requests AI Assistant Explanation

You are now using the AI assistant, and it is showing the results of your implied question.

References

On this page: