Protecting apps and APIs with F5

F5 has announced enhancements to F5 Distributed Cloud Services to assist customers in safeguarding and delivering the digital experiences that have become essential in the ways we interact, seek entertainment, and purchase goods and services.

F5 Distributed Cloud Services, which were introduced earlier this year, offer a SaaS-based, platform-driven approach to securing the critical elements of connected experiences via a comprehensive set of web, mobile app, and API protection.

These capabilities are being expanded with new solutions that support additional platforms, defend against common attacks, and give customers more control over modern application architectures. 

“Many organizations have found that by adding or expanding digital services for users, they may have inadvertently increased the attack surface for any number of emerging threats,” said Haiyan Song, EVP and GM, Security & Distributed Cloud Product Group, F5. “Accordingly, companies are prioritizing security solutions that can help them extend compelling capabilities—and competitive differentiation to delight their customers—without sacrificing security and privacy. F5 remains focused on providing a growing portfolio of security solutions to safeguard even the most diverse application ecosystems.”

Application service environments have become more complex as organizations improve the digital services they provide to users and pursue a broader range of infrastructure models to improve performance and reduce costs.

Two such related trends have been the rise in companies’ reliance on APIs and multi-cloud environments to support applications, with F5’s 2022 State of Application Strategy Report finding that 78% of organizations are currently focused on API security measures, and over three-quarters of respondents reporting that they now run applications in multiple clouds.

The rise in companies’ reliance on APIs and multi-cloud environments to support applications are two such related trends, with F5’s 2022 State of Application Strategy Report revealing that 78% are currently focused on API security measures, and more than three-quarters of respondents reporting that they now run applications in multiple clouds.

To be effective in today’s dynamic security landscape and support adaptive applications, vendors must provide solutions that reduce operational complexity and offer a constantly evolving set of controls, both through the use of sophisticated AI/ML technologies and the rapid introduction of new services (such as connecting bot protection to popular CDNs, application delivery controllers, and e-commerce and application platforms). F5’s comprehensive security strategy is bolstered further by technology partnerships and ecosystem integrations.

“No one security vendor can do it all, but some are clearly leading the pack,” said Chris Steffen, Managing Research Director, Enterprise Management Associates. “F5’s innovation and expertise combine its new SaaS-based portfolio through F5 Distributed Cloud Services, a substantial install base across the Fortune 500, and valuable threat intelligence through F5 Labs to offer an ecosystem-based approach aimed at protecting any application and API, anywhere, from hackers and bots.”

Security enhancements to F5 Distributed Cloud Services include:

• Distributed Cloud Bot Defense Connector for BIG-IP – With continuing integration efforts stemming from the Shape Security acquisition, Distributed Cloud Bot Defense capabilities have been added to F5’s flagship platform, both as a native module in current BIG-IP version 17 software and via an iApp for previous versions. Distributed Cloud Bot Defense collects rich client-side signals, transmits this telemetry to its data system, uses AI to detect bot retooling, and immediately deploys rule updates for real-time detection to help organizations stay ahead of attackers.
   
• Distributed Cloud Bot Defense Connector for Salesforce Commerce Cloud – Increasing the reach of its security solutions to further support popular e-commerce platforms, F5 has natively integrated Distributed Cloud Bot Defense for Salesforce Commerce Cloud (SFCC). This solution, which can be downloaded here, uses AI and machine learning to identify, block, and redirect fraudulent traffic in real time, protecting against account takeover, credential stuffing, web scraping, checkout abuse, denial of inventory, and other attacks.
   
• Distributed Cloud Client-Side Defense – F5 offers a free product to address the growing risks of third-party digital supply chain attacks. This self-service mitigation solution provides signature-based Magecart detection and alerts by maintaining details related to previous attacks, enabling organizations to immediately block otherwise damaging threats with one simple click. The solution also now features simplified onboarding and satisfies the new PCI DSS 4.0 requirement (6.4.3 and 11).
   
• Distributed Cloud DNS – F5 is building on the expansive scale and performance of its Distributed Cloud Platform and Global Network to offer a fast, secure DNS solution that can be deployed either as a primary or secondary DNS for failover purposes. This offering—available for free and paid plans—provides DNS services closer to the point of interaction across F5’s global network to ensure that websites and applications can be delivered more quickly and reliably. Distributed Cloud DNS is secure by default by virtue of being hosted on the network of F5 global points of presence (PoPs).
   
• Rate Limiting for API Endpoints – Like any other modern application component, APIs can be subject to broad-scale attacks that overwhelm their ability to communicate and transmit data. And the rapid adoption of APIs across today’s application architectures has made them an attractive attack vector. With Distributed Cloud API Security, new rate limiting capabilities are applied across API endpoints to help throttle high volume traffic, ensuring legitimate connections can be successfully completed while increasing the security and resilience of applications overall.