F5 enhances protection for apps and APIs

New capabilities extend the reach of F5 Distributed Cloud Services for easy to deploy SaaS-based security.

  • Friday, 17th June 2022 Posted 2 years ago in by Phil Alsop

F5 has introduced enhancements to F5 Distributed Cloud Services to help customers safeguard and deliver the digital experiences that have become vital to everyday life in the ways we interact, seek out entertainment, and purchase goods and services.

Introduced earlier this year, F5 Distributed Cloud Services provide a SaaS-based, platform-driven approach to secure the essential elements of connected experiences through a comprehensive set of web, mobile app, and API protections. Today’s announcement expands these capabilities with new solutions that support additional platforms, defend against common attacks, and provide customers with more control over modern application architectures.

“Many organisations have found that by adding or expanding digital services for users, they may have inadvertently increased the attack surface for any number of emerging threats,” said Haiyan Song, EVP and GM, Security & Distributed Cloud Product Group, F5. “Accordingly, companies are prioritising security solutions that can help them extend compelling capabilities—and competitive differentiation to delight their customers—without sacrificing security and privacy. F5 remains focused on providing a growing portfolio of security solutions to safeguard even the most diverse application ecosystems.”

As organisations enhance the digital services provided to users and pursue a wider breadth of infrastructure models to improve performance and reduce costs, application service environments have become more complex.

Two such related trends have been the rise in companies’ reliance on APIs and multi-cloud environments to support applications, with F5’s 2022 State of Application Strategy Report finding that 78% of organisations are currently focused on API security measures, and over three-quarters of respondents reporting that they now run applications in multiple clouds.

To be effective in today’s dynamic security landscape and support adaptive applications, vendors must provide solutions that reduce operational complexity and offer a set of controls that is constantly evolving, both through the use of sophisticated AI/ML technologies and the rapid introduction of new services (such as connecting bot protection to popular CDNs, application delivery controllers, and e-commerce and application platforms). F5’s approach to comprehensive security is further strengthened through technology partnerships and ecosystem integrations.

Security enhancements to F5 Distributed Cloud Services include:

Distributed Cloud Bot Defense Connector for BIG-IP – With continuing integration efforts stemming from the Shape Security acquisition, Distributed Cloud Bot Defense capabilities have been added to F5’s flagship platform, both as a native module in current BIG-IP version 17 software and via an iApp for previous versions. Distributed Cloud Bot Defense collects rich client-side signals, transmits this telemetry to its data system, uses AI to detect bot retooling, and immediately deploys rule updates for real-time detection to help organisations stay ahead of attackers.

 

Distributed Cloud Bot Defense Connector for Salesforce Commerce Cloud – Increasing the reach of its security solutions to further support popular e-commerce platforms, F5 has natively integrated Distributed Cloud Bot Defense for Salesforce Commerce Cloud (SFCC). This solution, which can be downloaded here, uses AI and machine learning to identify, block, and redirect fraudulent traffic in real time, protecting against account takeover, credential stuffing, web scraping, checkout abuse, denial of inventory, and other attacks.

 

Distributed Cloud Client-Side Defense – F5 offers a free product to address the growing risks of third-party digital supply chain attacks. This self-service mitigation solution provides signature-based Magecart detection and alerts by maintaining details related to previous attacks, enabling organisations to immediately block otherwise damaging threats with one simple click. The solution also now features simplified onboarding and satisfies the new PCI DSS 4.0 requirement (6.4.3 and 11).

 

Distributed Cloud DNS – F5 is building on the expansive scale and performance of its Distributed Cloud Platform and Global Network to offer a fast, secure DNS solution that can be deployed either as a primary or secondary DNS for failover purposes. This offering—available for free and paid plans—provides DNS services closer to the point of interaction across F5’s global network to ensure that websites and applications can be delivered more quickly and reliably. Distributed Cloud DNS is secure by default by virtue of being hosted on the network of F5 global points of presence (PoPs).

 

Rate Limiting for API Endpoints – Like any other modern application component, APIs can be subject to broad-scale attacks that overwhelm their ability to communicate and transmit data. And the rapid adoption of APIs across today’s application architectures has made them an attractive attack vector. With Distributed Cloud API Security, new rate limiting capabilities are applied across API endpoints to help throttle high volume traffic, ensuring legitimate connections can be successfully completed while increasing the security and resilience of applications overall.

“No one security vendor can do it all, but some are clearly leading the pack,” said Chris Steffen, Managing Research Director, Enterprise Management Associates. “F5’s innovation and expertise combine its new SaaS-based portfolio through F5 Distributed Cloud Services, a substantial install base across the Fortune 500, and valuable threat intelligence through F5 Labs to offer an ecosystem-based approach aimed at protecting any application and API, anywhere, from hackers and bots.”