F5 Safeguards Digital Services with Enhanced API Defenses

F5 announces today security capabilities to give customers comprehensive protection and control in managing apps and APIs across on-premises, cloud and edge locations. Specifically, new machine learning enhancements provide F5’s cloud security portfolio with advanced API endpoint discovery, anomaly detection, telemetry and behavioral analysis.

As more transactions and customer engagements occur through digital channels organizations seek better solutions to provide secure experiences for their end users and maintain their trust. With APIs as the building blocks of modern web and mobile experiences, protecting these assets is the cornerstone of securing digital services.

F5 customers can strengthen their security posture with an improving analysis engine and unified policy enforcement. These capabilities enable secure app-to-app communications through validated and monitored APIs, thereby reducing the time security teams spend correcting false positives and accelerating time-to-deployment for new services. The enhancements, as well as new managed service offerings for enterprises and service providers, accelerate the momentum of F5 Distributed Cloud Services, introduced in 2022 and bolstered by the launch of multi-cloud networking solutions.

Modern organizations demonstrate a preference for hybrid solutions. According to F5’s 2023 State of Application Strategy (SOAS) Report, 85 percent of respondents have deployed apps and APIs in distributed environments spanning multiple public clouds, as well as on-premises and edge locations. More than 20 percent of respondents deploy apps and APIs in six different environments.

At the same time, security teams struggle to provide consistent protection and visibility for an expanding attack surface area. This is because many contemporary web application and API protection (WAAP) solutions rely on point products or offerings based on (and provided by) CDN vendor technologies that cannot scale adequately beyond cloud-based apps and lack the ability to be deployed on-premises, in public clouds, or in other edge locations.

F5 offers a full suite of capabilities to provide robust protection for apps and APIs across on-premises, cloud and edge locations. Moreover, F5’s end-to-end approach to security means threat data can be gathered and analyzed across all deployed locations, including ongoing and emerging attacks detected by the F5 Threat Campaigns service. As part of a larger hardware, software, SaaS, and managed services portfolio that also provides application delivery capabilities, F5 security solutions protect a diverse mix of distributed apps and APIs in any environment without adding additional operational complexity.

F5 offerings are in step with organizations’ desire to deploy security capabilities in the public cloud and as-a-service. Unlike API-only point product security providers, F5 delivers API auto-discovery, policy enforcement and anomaly detection as part of a unified WAAP service, simplifying operations and enforcement through a single console for app and API protection.

Since static signature-based controls are insufficient for protecting API endpoints due to their dynamic, evolving nature, F5 Distributed Cloud API Security uses optimized machine learning for automatic API discovery, threat detection and schema enforcement. By observing normal behavior patterns across all endpoints, F5’s analysis engine helps users detect anomalies and refine API schemas to improve their overall security posture.

Additionally, F5 supports token identification to detect anomalous behavior accessing JWT tokens and prevent unauthorized usage.

Given customers’ growing challenges in deploying consistent security across distributed infrastructures – as well as finding personnel with the required security skillsets – F5 is expanding its managed service offerings:

  • Distributed Cloud WAAP Managed Services enable F5 customers to access the experience and expertise of the F5 SOC to manage WAF, bot defense and DDoS Through a shared console, customers can move between a self-service or managed service model as the needs of their apps and approach to app security change.
  • Distributed Cloud Managed Service Portal enables F5 service provider partners to build and tailor their own managed service offerings based on the security capabilities of F5 Distributed Cloud WAAP. This approach lets partners manage Distributed Cloud WAAP on behalf of their customers without sacrificing visibility, resulting in revenue sources and value-added services while extending the reach of the solution.

For more information, go to f5.com.