Safari
Chrome
Firefox
Edge
What's popular
How to Secure Your Apps and APIs in the Cloud Without Compromising Speed
WWT + F5 can help you protect your organization while providing greater flexibility, agility, and scalability
Securing the Cloud Frontier: Insights into F5's Distributed Cloud Solutions | Partner Spotlight
As security strategies continue to evolve and move toward hybrid models, the challenges, and complexities of multicloud infrastructures are becoming increasingly evident. IT and business leaders alike must navigate this terrain by offering innovative solutions that address both application delivery and security across diverse cloud architectures.
This webinar will shed light on the industry trends and market dynamics that are shaping the need for advanced security solutions. F5 leaders — Kara Sprague, EVP and Chief Product Officer and Kevin Hollenbach, SVP of North America Sales — will share their insights into how the F5 comprehensive security portfolio addresses these challenges.
Discover how the partnership between WWT and F5 can provide a holistic approach to secure connectivity and protection in the era of distributed, multicloud environments. Gain valuable insights into the unique features and capabilities that differentiate the F5 solutions from the competition.
OWASP API Top 10 Deep Dive - Part Duex
Part two of our five-part deep dive on the OWASP API Top 10.
F5 Distributed Cloud WAAP Use Cases Demo
Several of the fundamental principles of F5 Distributed Cloud (XC) are highlighted in this lab environment.
You will be simulating a customer during the lab who needs to verify the safety of an application. The objective is to verify the applications safety of on-premises or application on cloud before and after enabling F5 Distributed Cloud Console WAAP Capabilities by sending attacks to the application.
F5 Distributed Cloud SaaS: WAAP (Web App and API Protection)
Explore the Web App & API Protection (WAAP) capabilities of F5 Distributed Cloud platform.
What's new
OWASP API Top Ten Deep Dive Part 4
Part 4 of 5 on the 2023 OWASP API Top Ten.
OWASP API Top Ten Deep Dive Part 5
The fifth and final installment in the series on OWASP's API Top Ten.
How to Secure Your Apps and APIs in the Cloud Without Compromising Speed
WWT + F5 can help you protect your organization while providing greater flexibility, agility, and scalability
Partner POV | Securing Travel Industry API Integrations
Hotel chains faced challenges in securing its numerous APIs, including both internal and external integrations, leading to concerns about partner interactions and potential security risks.
OWASP API Top 10 Deep Dive - Part Duex
Part two of our five-part deep dive on the OWASP API Top 10.
OWASP API Top Ten Deep Dive, Part 3
We bring to you the third installment of our five-part deep dive on the OWASP API Top 10.
Securing the Cloud Frontier: Insights into F5's Distributed Cloud Solutions | Partner Spotlight
As security strategies continue to evolve and move toward hybrid models, the challenges, and complexities of multicloud infrastructures are becoming increasingly evident. IT and business leaders alike must navigate this terrain by offering innovative solutions that address both application delivery and security across diverse cloud architectures.
This webinar will shed light on the industry trends and market dynamics that are shaping the need for advanced security solutions. F5 leaders — Kara Sprague, EVP and Chief Product Officer and Kevin Hollenbach, SVP of North America Sales — will share their insights into how the F5 comprehensive security portfolio addresses these challenges.
Discover how the partnership between WWT and F5 can provide a holistic approach to secure connectivity and protection in the era of distributed, multicloud environments. Gain valuable insights into the unique features and capabilities that differentiate the F5 solutions from the competition.
Partner POV | Introducing Easy API Security Deployment
This article discusses the integration of Akamai API Security with Akamai Connected Cloud, highlighting the benefits of the native connector and how it offers a seamless and efficient way for Akamai customers to enhance their security posture by protecting against API vulnerabilities and abuse while streamlining deployment and maintenance processes.
F5 Distributed Cloud: API Discovery, Inventory, and Security
The lab summarizes how F5 Distributed Cloud can discover, inventory, and secure critical APIs, helping you defend your known endpoints and bring the rogue Shadow APIs into the light.
The connected world runs on APIs. Your banking app uses them, your ride share app uses them, even that weather app you check before walking out the door, it gets that data from an API. We interact with them multiple times throughout our daily life, to do everything from the most essential to the most mundane. They are simply everywhere and more and more are being published every day. As you would expect, this proliferation of APIs has marked them as a prime target for malicious actors. In the last couple years there have been quite a few well publicized attacks. From social media to fitness firms, no industry seems to be safe. With recent reports indicating that API vulnerabilities are costing businesses billions of dollars annually, it's no wonder they are at the top of mind of many cyber security professionals.
OWASP API Top 10 Deep Dive, Part 1
For part one of this series, we discuss the vulnerability categories of the new 2023 OWASP API Top 10.
Partner POV | Akamai Defends Against the OWASP Top 10 API Security Risks
Discover how Akamai addresses the challenges of API sprawl and security vulnerabilities in today's dynamic application landscape.
Partner POV | Protect Every API Anywhere With API Security
Learn how Akamai's newly launched API Security addresses the escalating challenges of securing APIs amidst a 2.5x surge in web app and API attacks over the past year, particularly within the financial sector.
Beyond the Cyber Basics: A Recap From Black Hat USA 2023
I recently attended Black Hat USA 2023 in Las Vegas, where the lights shined on AI, applications, API, cloud, data and software supply chain security. Reflecting on this well-attended event, I bring to you some perspective on the state of the industry.
Overview: F5 Distributed Cloud Web Application and API Protection (WAAP)
In a world that runs on apps, application security is business security.
API Security - Visibility Into an Expanding Attack Surface
APIs are designed to extend functionality without the overhead costs of configuring additional security tools. This flexibility and the rapid pace of change often has unintended side effects, such as increasing your attack surface, exposing business logic and/or data leakage. Increased visibility, ownership, tooling and management of your APIs will help reduce the attack surface and help rationalize user behavior and mitigate business logic abuse and data breach. These are just a few of the outcomes that a successful API Security program should provide.
Web Application Firewall Runtime Defense for Applications and APIs
Web and Mobile Applications, by design, increase your attack surface and change rapidly in today's digital first economy. Increased visibility, ownership, tooling, and management of your APIs will help reduce the attack surface and help rationalize user behavior and mitigate business logic abuse and data breach — these are just a few of the outcomes that a successful API Security program should provide. Securing the enterprise, both on-premises and in the cloud, is a challenge in today's landscape.
Defend to Secure: A Journey
Read the musings of a web application security professional adjusting to the change in market as we come upon RSA 2023.
F5 Distributed Cloud WAAP Use Cases Demo
Several of the fundamental principles of F5 Distributed Cloud (XC) are highlighted in this lab environment.
You will be simulating a customer during the lab who needs to verify the safety of an application. The objective is to verify the applications safety of on-premises or application on cloud before and after enabling F5 Distributed Cloud Console WAAP Capabilities by sending attacks to the application.
API Security with OAuth2.0 using JWT Tokens
The purpose of this lab is to demo how NGINX Controller API Management Module and NGINX App Protect can secure the OAuth Authorization Code flow, which is core to Open Banking specifications. The NGINX App Protect will be deployed as an Ingress Controller for Kubernetes and will provide both negative and positive security by ingesting the OpenAPI declaration file. The NGINX API Gateway will be controlled by NGINX Controller, will publish the application API based on the same OpenAPI declaration file, will provide JWT authentication and authorization and enforce rate limiting. The deployment and configuration of these elements will be performed automatically through a CI/CD pipeline. ELK dashboards will be used for visualization purposes and, lastly, a DAST tool will also be run as part of the CI/CD pipeline. BIG-IP APM is deployed as both Authorization Server with OpenID Connect support and as OAuth Client, in separate instances.
Achieve OWASP Compliance Through BIG-IP AWAF
Systems are at higher risk without a concerted, repeatable application security configuration process. In this lab, you will learn how to build a declarative AWAF policy and achieve OWASP Top Ten (2021) compliance with the BIG-IP OWASP Compliance Dashboard. A complete CI/CD pipeline is used to deploy our AWAF policy to the BIG-IP system using Application Services 3 Extension (AS3) and Ansible.