F5 has recently announced an enhancement to its application delivery and security platform, introducing an AI-powered web application firewall (WAF) designed to protect networks from pre-exploit attacks. As vulnerabilities become more rapidly exploited, largely due to advances in AI, the company is adapting its Web Application and API Protection (WAAP) capabilities to stay ahead of threats.
Key Features of the AI-Powered WAF:
-
Behavioral Detection: This new WAF utilizes a neural network model that evaluates every request in real time, providing a risk score based on various behavioral signals, instead of depending solely on signature matching.
-
On-Premises API Security: F5 has rolled out an API Security Local Edition, delivering API security solutions for environments that require added regulations without relying on cloud services.
-
Virtual Patching: This improved capability combines the advanced WAF with web app scanning tools to implement runtime protections at the application delivery layer while the development of a software fix is underway.
The AI-focused WAF is currently available through F5’s Distributed Cloud Services, with plans to extend this technology to its on-premises solutions, such as BIG-IP and Nginx platforms.
Joel Moses, F5’s vice president of strategic engineering, emphasized that relying on signature-based detection methods is ineffective in today’s landscape where machine-driven attackers can generate new attack vectors rapidly. The F5 approach prioritizes behaviour analysis over conventional signature comparisons, enabling organizations to recognize potential threats more quickly and respond effectively.
This system not only scores requests but also provides actionable context to security teams, enhancing detection capabilities against novel exploit patterns. Notably, it effectively stops known and unknown exploits before signatures are developed, thus better guarding against vulnerabilities.
Recent tests conducted by SecureIQLab showcased that F5’s WAF achieved a security score of 97.09%, including perfect scores in critical areas against the OWASP Top 10 risks. Clients who have implemented this system have observed a significant reduction in false positives, improving operational efficiency and security responsiveness.
Virtual Patching as a Strategic Tool:
With threats evolving faster than traditional remediation can keep up, the AI-powered WAF’s virtual patching feature proves essential for organizations. This tool offers protection in the period leading up to the implementation of traditional software fixes, acting as a dynamic safeguard against vulnerabilities as they are discovered.
Moses explained that while virtual patching should not replace actual code fixes, it is a valuable asset in managing the window of vulnerability and ensuring operational security until more permanent solutions can be put in place.
