F5 introduces innovative solutions that simplify application and API security

F5 today announced a new line of leading-edge security products designed to provide customers with stronger protection and simplified management. With the introduction of F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (BIG-IP Next WAF), and NGINX App Protect for open source deployments, F5 has demonstrated industry-leading A full range of artificial intelligence (AI)-enabled applications and API security solutions further solidify its position as an industry leader.

F5 introduces innovative solutions that simplify application and API security

Many enterprises are facing a crisis caused by the operational complexity of hybrid and multi-cloud environments. According to F5's latest 2024 State of Application Strategy (SOAS) Report, 88% of enterprises are deploying applications and APIs across on-premises, cloud, or edge environments. Enterprises typically spend a lot of money on the ongoing maintenance, patching, and upgrading of physical and virtual appliances, and deploying applications across different cloud environments requires unique skills to manage a myriad of tools and services. This crisis is exacerbated by the growing demand for AI-driven services.

F5 solutions are designed to streamline operations and protect in a distributed environment, dramatically simplifying the management and security of exponentially growing applications and APIs that are at the heart of AI-enabled digital business. With its unified strategy, comprehensive automation, and rich data analysis capabilities, the innovative solution significantly alleviates the high workload of security and operations teams.

"Modern enterprises need efficient application and API security solutions that span distributed environments, and as APIs have become a prime target for cyberattacks, there is an urgent need for comprehensive API security to complement their web application security solutions," said Kara Sprague, executive vice president and chief product officer, F5. The solutions we're introducing today will further enhance and broaden F5's best protection for any application and API, no matter where it's deployed. ”

Deliver superior application and API security wherever you are

With a comprehensive portfolio, F5 brings its advanced security features to traditional and modern applications and APIs, ensuring customers can enforce a unified security strategy across data center, cloud, and edge deployments. With platform-based security policies, F5's distributed cloud services, BIG-IP, and NGINX users can seamlessly combine automation with the work of NetOps, SecOps, DevOps, and AppDev teams to embed protections throughout the application and API lifecycle in a CI/CD model.

By integrating Heyhack's innovative technology, F5 has launched Distributed Cloud Service Web Application Scanning, which brings powerful and automated security reconnaissance and penetration testing capabilities to customers. In addition, F5's award-winning distributed cloud service platform continues to enhance API security, including expanding API rate limiting capabilities, optimizing API inventory management, strengthening JWT authentication mechanisms, introducing custom pattern detection, and improving API discovery capabilities to effectively identify idle APIs, which greatly enhances the flexibility, control, and security of API usage and management. Going forward, F5 will continue to deepen its technology integration to provide a higher level of adaptability to application and API security through automated vulnerability detection, threat identification, and immediate remediation.

"Advanced application and API security is more critical than ever in the coming wave of AI-driven applications and services," said Chris Steffen, vice president of research at Enterprise Management Associates (EMA). In short, F5 is a leader in API security. F5's security innovations set the industry standard, and its comprehensive product matrix has established F5 as the absolute leader in cloud, applications, and cybersecurity. F5's solutions address increasingly complex application security and delivery environments, improving security strength and ease of management. We expect cybersecurity to continue to be the focus in multi-cloud environments in the future, and F5's product-oriented approach provides customers with a powerful solution to effectively address emerging security threats in distributed environments." ”

The new generation of WAF is ushering in a new era of automated, multi-cloud security

With a focus on operational simplicity and security embedded in every aspect of the application development process, the F5 BIG-IP Next Series brings greater security and operational efficiency to users of F5's flagship products. One of the highlights is the BIG-IP Next WAF, which enhances enterprise security in dynamic threat scenarios, protecting APIs and web applications from attacks by humans and automated tools. BIG-IP Next WAF also actively promotes "security as code" practices to ensure that application and API protection are integrated into the entire development process as early as possible. This integrated approach facilitates a seamless transition from test and staging environments to production environments.

BIG-IP Next WAF expands F5's BIG-IP feature set by adding automation capabilities and optimizing the cloud footprint, resulting in cost reduction and operational simplification. The solution provides increased flexibility while maintaining a consistent security policy across hybrid multicloud environments and distributed applications that rely on microservices and APIs. The BIG-IP Next WAF is just one component of the BIG-IP Next platform. BIG-IP Next continues the value proposition of reducing total cost of ownership and optimizing application performance by consolidating multiple application security and delivery functions into a single online physical or virtual appliance. At the same time, F5 has now introduced BIG-IP Next Local Traffic Manager, the next generation of BIG-IP LTM, which uses an API-centric design to reduce the complexity of managing and automating application delivery. As BIG-IP Next Access and BIG-IP Next SSL Orchestrator transition from limited to general availability, more security features will be available later this year.

Grzegorz Wieczorek, CTO and Co-Owner of Onito SP z.o.o., said: "As experts in DevOps, cybersecurity, IT architecture and compliance, we have built strong partnerships with our customers, a customer that provides insurance and risk management, and needs to develop, protect and ensure compliance with Kubernetes-based applications for their customers. We were impressed with the simplicity of management, API-based automation, comprehensive threat protection, and the ability to quickly deploy new policies. ”

Similarly, the just-released version of F5 NGINX App Protect WAF on OSS further brings F5's leading application security engine to public cloud and on-premises Kubernetes-based applications. With its advanced security features and compact footprint, this solution achieves efficient separation of the control plane and the data plane, significantly reducing the corresponding attack surface. Ideal for open source and enterprise customers, version 5.0 of NGINX App Protect WAF supports NGINX OSS and NGINX Plus and can be fully integrated into CI/CD frameworks to further enhance agile development methodologies.

The 2024 State of Application Strategy Report provides industry insights

Based on an in-depth survey of more than 700 IT decision makers around the world, F5 has released its 2024 State of Application Strategy (SOAS) report. As the tenth annual report in the series, it brings together the collective wisdom of IT leaders across industries as they discuss current priorities and concerns with F5, with a core focus on digital transformation, AI goals, and security focus. The report has a wide range of data samples, covering a diverse range of IT and management positions, from senior management to application development.

In addition, some notable safety-related findings include:

· Building a secure, multi-cloud network is a critical solution to today's operational complexities.

· The widespread use of APIs is driving significant changes in security practices, with 41% of organizations managing at least as many APIs as they do.

· Enterprises are nearly twice as likely to automate application and API security as they are to automate application delivery (43% vs. 25%).

A companion blog post by Kara Sprague provides insights into today's news and the State of Application Strategy 2024 report.

F5's leadership in application and API security is once again recognized in the EMA's 2024 Vision Report, which gives high marks to F5's comprehensive API security solutions.

(8716424)