Overview
Explore
Partners
26 results found
MITRE ATT&CK vs. Cybersecurity Kill Chain: A Simple Breakdown
In the third installment of the "Grizzled CyberVet: Practical Cybersecurity" collection, we compare and contrast the Cybersecurity Kill Chain and MITRE ATT&CK Framework.
The MITRE ATT&CK Framework: A Beginner's Guide
As part of the "Grizzled CyberVet: Practical Cybersecurity" collection, we examine the MITRE ATT&CK framework. We simplify and explain this framework used by attackers to compromise your digital ecosystem.
Harness the Power of Azure with NGINXaaS – Advanced Load Balancing and API Gateway
This blog explains how modern, API-driven applications demand cloud-native security and highlights how F5 NGINXaaS for Azure delivers a fully managed, high-performance WAF to protect them. It outlines key capabilities such as OWASP Top 10 defenses, API security, DevSecOps integration and Azure-native observability, helping enterprises secure apps and APIs without hardware or operational overhead.
Comprehensive Guide to OWASP Top 10: Web Applications, APIs and Automated Threats
The Open Web Application Security Project (OWASP) provides industry-standard frameworks for identifying and mitigating the most critical security risks facing modern applications. This guide explores three critical OWASP initiatives and maps F5's Web Application and API Protection (WAAP) solutions to each threat category.
What You'll Learn:
* OWASP Web Application Security Top 10 (2021)
* OWASP API Security Top 10 (2023)
* OWASP Automated Threats to Web Applications (21 threat types)
* How F5 solutions protect against each threat category
* Hands-on lab exercises to practice defense techniques
ASPM and API Security: Complementarity at its Finest
A continuation of our article series on the how ASPM and API security complement each other and provide complete code-to-runtime security for API.
PCI DSS 4, APIs and You - The Ostrich is Looking Around
The Payment Card Industry (PCI) Security Standards Council's Data Security Standard (DSS) 4.0, effective March 31, 2024, introduces significant updates with a focus on API security. It mandates broader code repository coverage, emphasizes secure development practices, and encourages early integration of security measures, marking a notable shift towards a proactive security culture in handling sensitive payment information.
The Imperative Shift Left: How API Security is Redefining Traditional SecOps
In today's IT landscape, digital transformation is driving change in IT. We posit that API security will be the technology that will finally make the "shift left" a reality. Here's why.
API Security and ASPM - A More Perfect Union
Learn how Application Security Posture Management (ASPM) and API Security are a more perfect union, and why the announcement of a technical alliance between Akamai and Apiiro is so exciting.
Cybersecurity Platforms vs. Point Solutions: Swiss Army Knives or Precision Tools?
This first article in a 5-part series explores the difference between cybersecurity platforms and point solutions. It explains how platforms offer unified, scalable protection while point solutions deliver specialized, best-in-class capabilities. Using simple analogies, it shows how these approaches tackle complex business challenges, setting the stage for deeper dives in upcoming articles.
The SSDAF - A Shot Across the AppSec Bow
The United States federal government has released the Secure Software Development Attestation Form (SSDAF), which signifies a new and stringent stance on secure software development practices.
How 2023 Advancements in Generative AI should Immediately Sound the Alarm for API Security
Rapid advancements in generative AI come with increasing API security concerns. Generative AI bolsters API security while also presenting new and increased risk. OpenAI's DevDay in 2023 marked a significant leap, with customized GPTs now capable of large-scale API interactions, urging the need for robust API security strategies. The article stresses the necessity of a proactive and adaptive defense against AI-driven threats to API security.
Accelerating Kubernetes Ingress and Security Automation with F5 and WWT
This blog highlights automated deployment patterns of F5 NGINX Ingress Controller paired with F5 NGINX App Protect across Amazon Web Services, Google Cloud Platform and Microsoft Azure.