Enhanced API defenses, granular machine learning capabilities, and new managed service offerings provide comprehensive protection across distributed environments
F5 customers can now strengthen their security posture with a continuously improving analysis engine and unified policy enforcement. These capabilities enable secure app-to-app communications through validated and monitored APIs, thereby reducing the time security teams spend correcting false positives and accelerating time-to-deployment for new services. The enhancements, as well as new managed service offerings for enterprises and service providers, accelerate the momentum of F5 Distributed Cloud Services, introduced in 2022 and bolstered by the recent launch of multi-cloud networking solutions.
Modern organizations continue to demonstrate a clear preference for hybrid solutions. According to F5’s 2023 State of Application Strategy (SOAS) Report, 85% of respondents have deployed apps and APIs in distributed environments spanning multiple public clouds, as well as on-premises and edge locations. More than 20% of respondents are deploying apps and APIs in six different environments. At the same time, security teams struggle to provide consistent protection and visibility for a rapidly expanding attack surface area. This is primarily because many contemporary web application and API protection (WAAP) solutions rely on point products or offerings based on (and provided by) CDN vendor technologies that cannot adequately scale beyond cloud-based apps and lack the ability to be deployed on premises, in public clouds, or in other edge locations.
“Applications and APIs are the building blocks of the digital experiences through which we all work, bank, shop, access healthcare, travel, and play,” said
F5 offers a full suite of capabilities to provide robust protection for apps and APIs across on-premises, cloud, and edge locations. Moreover, F5’s end-to-end approach to security means that threat data can be gathered and analyzed across all deployed locations, including ongoing and emerging attack campaigns detected by the F5 Threat Campaigns service. As part of a larger hardware, software, SaaS, and managed services portfolio that also provides best-in-class application delivery capabilities, F5 security solutions protect a diverse mix of distributed apps and APIs in any environment without adding further operational complexity.
Enhanced API Security Provides Greater Protection for Modern Apps
F5 offerings are firmly in step with organizations’ desire to deploy security capabilities in the public cloud and as-a-service. Unlike API-only point product security providers, F5 delivers API auto-discovery, policy enforcement, and anomaly detection as part of a unified WAAP service, simplifying operations and enforcement through a single console for both app and API protection. Since static signature-based controls are insufficient for protecting API endpoints due to their dynamic, evolving nature, F5 Distributed Cloud API Security utilizes optimized machine learning for automatic API discovery, threat detection, and schema enforcement. By observing normal behavior patterns across all endpoints, F5’s advanced analysis engine helps users detect anomalies and refine API schemas to improve their overall security posture. Additionally, F5 supports token identification to detect anomalous behavior accessing JWT tokens and prevent unauthorized usage.
AI as an Essential Element of App Security
According to F5’s SOAS Report, nearly two-thirds of organizations are prioritizing the use of AI/machine learning, with security as a top use case. CISOs view such capabilities as a means to reduce the time between detection and response without compromising efficacy or requiring additional security staff. In addition to AI-based enhancements for Distributed Cloud API Security, F5 is introducing AI-driven web application firewall (WAF) capabilities, including unique malicious user detection and mitigation capabilities that create a per-user threat score based on behavioral analysis that determines intent. This enables security operations to choose between alerting or automatic blocking to mitigate an attack that would otherwise go undetected by static signatures. With F5, all traffic is monitored and proactive defenses are applied based on malicious user behavior that can be correlated across Distributed Cloud WAAP deployments. New functionality also provides false positive suppression, making it easier to block bad traffic without accidentally blocking legitimate users, and streamlines operations by reducing the time necessary to enable specific app protections.
Simplifying App Security through Managed Service Offerings
Given organizations’ growing challenges in deploying consistent security across increasingly distributed infrastructures—as well as finding available personnel with the required security skillsets—F5 is expanding its managed service offerings:
“The beauty of F5 is that they understand each application and provide a solution for that application,” said Mhd Wail Wajih Khachfa, Chief Information Security Officer,
“Just as every business has different risk factors, app security will never be one size fits all,” said
F5 is a multi-cloud application services and security company committed to bringing a better digital world to life. F5 partners with the world’s largest, most advanced organizations to secure and optimize every app and API anywhere—on premises, in the cloud, or at the edge. F5 enables organizations to provide exceptional, secure digital experiences for their customers and continuously stay ahead of threats. For more information, go to f5.com. (NASDAQ: FFIV)
F5 is a trademark, service mark, or tradename of