F5 announced new best-in-class security offerings that strengthen protections and simplify management for customers. With the launches of F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments, F5 is extending its leadership with the industry’s most effective and most comprehensive AI-ready app and API security suite.
Many enterprises are in crisis driven by the complexity of operating hybrid and multicloud environments. According to F5’s just released 2024 State of Application Strategy (SOAS) Report, 88% of enterprises are deploying apps and APIs across a mix of on-premises and cloud or edge environments. Significant time and resources are spent on continual maintenance, patching, and upgrades for physical and virtual appliances, while deployments in different clouds require unique skill sets to manage a sprawling number of tools and services. The added pressure of delivering AI-enabled services makes this crisis even worse.
F5’s solutions provide high-efficacy protections with streamlined operations across distributed environments, simplifying the management and security of the exploding number of applications and APIs at the heart of modern AI-driven digital businesses. The new solutions announced today ease the burden on overwhelmed security and operations teams with consistent policy, comprehensive automation, and rich analytics.
Leading App and API Security Everywhere You Need It
F5’s expansive portfolio brings the company’s leading security capabilities to both traditional and modern apps and APIs—enabling customers to maintain consistent security policies across data center, cloud, and edge deployments. With a platform approach to security, F5 Distributed Cloud Services, BIG-IP, and NGINX customers can more easily combine automation capabilities with the efforts of NetOps, SecOps, DevOps, and AppDev teams to incorporate protections throughout application and API lifecycles within a CI/CD model.
With the integration of technology acquired via Heyhack to form F5 Distributed Cloud Services Web Application Scanning, customers can now access compelling automated security reconnaissance and penetration testing capabilities. Additionally, F5’s award-winning Distributed Cloud Services continue to enhance API security, including the expansion of API rate limiting capabilities, improved API inventory management, JWT validation enhancements, custom pattern detection, and improved API discovery capabilities to identify zombie APIs. This approach provides greater flexibility, control, and security for API usage and management. Looking forward, F5 will deepen this integration to deliver more adaptable app and API security through automated vulnerability discovery, threat identification, and remediation.
Kara Sprague, EVP and Chief Product Officer at F5
Modern organizations require high-efficacy app and API security that extends across their distributed environments. APIs are now the target of most cyberattacks, and organizations of all sizes must complement their web app security solutions with comprehensive API security. The solutions we’re introducing today further enhance and extend F5’s best-in-class protection for any app and any API, no matter where it is deployed.
Chris Steffen, Vice President, Research, Enterprise Management Associates
Advanced app and API security have never been more important, especially with the coming wave of AI-based applications and services. Simply put, F5 is the definitive leader in API security. F5’s security innovations have set the standard in the market, and their holistic approach across their product portfolio has made the company a definitive leader in cloud, application, and network security. F5 solutions bring heightened security and simplicity to increasingly complicated application security and delivery environments. We anticipate security for multicloud networking will continue to be of intense interest going forward, and F5’s portfolio-driven approach offers customers effective options to guard against modern attacks in distributed environments.
