F5 is upgrading its systems to provide better assistance for corporate clients who are dealing with increasing security risks aimed at in-house and cloud-hosted applications.
The firm has introduced web application scanning for its core Distributed Cloud Services, fresh firewalls for its BIG-IP intelligent traffic supervision and load balancing service, along with NGINX App Protect for open source applications. F5’s Distributed Cloud Service is a SaaS-oriented platform that facilitates the management of applications, infrastructure and security services across public cloud, private cloud and edge sites of customers.
The latest features aim to help corporate clients safeguard extensively spread and progressively intricate application resources – a task that is becoming increasingly challenging, as pointed out by the executives at F5.
According to the CEO, F5’s Francois Locoh-Donou, during the second-quarter earnings call of the company this week, “The situation with application security and delivery for large corporations is currently causing a crisis among IT teams. The growing complexity, along with the cost and risks linked to it are not just increasing incrementally – it’s untenable, and with each passing day, it only grows worse.”
“Manual tasks, inconsistent security controls, operational silos, lack of available talent, escalating cloud costs, and inefficient traffic routing are slowing them down,” Locoh-Donou continued. “We have affectionately named this set of escalating challenges, the ‘ball of fire.’”
On average, organizations are operating across 4.5 different types of environments, which adds to the challenges, Locoh-Donou said.
“Most organizations have hundreds of applications, each with a set of associated APIs distributed across these multiple environments,” Locoh-Donou said. “And because modern applications have decomposed monolithic applications into smaller components, those components are more fragmented and distributed. As a result, APIs and data also are more distributed. The result of this expansion and distribution is amplified security risks across a larger attack surface area.”
These challenges will be further intensified by the inevitable widespread adoption and proliferation of AI, Locoh-Donou said.
F5 has announced new improvements including the incorporation of acquired web scanning technology from Heyhack into its Distributed Cloud Services. This allows customers to utilize automated security searches and penetration tests to detect potential weaknesses across their multicloud setup.
According to F5, future plans aim to strengthen this integration in order to offer more flexible app and API security. This will be achieved through the automation of vulnerability finding, threat identification, and issue resolution.
Additionally, F5 has updated the vendor’s BIG-IP aspect. It launched a new container-based Web Application Firewall (BIG-IP WAF) capable of receiving and implementing upgrades more frequently. F5 stated that the ability for customers to apply updates quickly allows them to stay ahead of the escalating quantity and increasing complexity of threats and exploits.
The WAF from F5 also includes policy formation, production, and migration that can be distributed across its WAF solutions. Thus, customers with diverse, mixed application estates can manage an application security policy in a single location—regardless of the positioning of their applications and WAF deployments, explained F5.
The company also unveiled a new version of F5 NGINX App Protect WAF. According to F5 the NGINX WAF now features a smaller footprint and separates the control and data planes, which significantly reducing the attack surfaces. The package can reduce the cost of breaches by 80% because its declarative policies can be implemented directly into security-as-code packages, F5 stated. Version 5.0 of NGINX App Protect WAF supports both NGINX OSS and NGINX Plus and can be fully integrated into software development CI/CD frameworks, F5 stated.
The new developments are just the latest for F5. Earlier this year F5 reinforced its Distributed Cloud Service platform with a new API discovery and protection service that’s aimed at giving customers a simple way to discover API endpoints, monitor traffic for vulnerabilities, provide testing, and protect applications.