Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

Articles

Sort results

Protecting API Access with BIG-IP using OAuth

As more organizations use APIs in their systems, they've become targets for the not-so-good-doers so API Security is something you need to take seriously. Most APIs today use the HTTP protocol so organizations should protect them as they would... Read more
0 Reviews

AFM Enhancements in BIG-IP v13

F5 BIG-IP version 13 offers numerous improvements to Advanced Firewall Manager (AFM). Check out the discussion on DevCentral and find out more on version 13. Read more
0 Reviews

Proactive Bot Defense Using BIG-IP ASM

Bot activity is something that needs to be monitored and controlled. On one hand, you want the good bots to access your site, but on the other hand you want the bad ones to stay away. The question is, “how do you know the difference?” And the unfortunate answer for many organizations is: “I have no idea.” Read more
1 Review

Apache Struts Remote Code Execution Vulnerability (CVE-2017-5638)

An advisory has been published regarding a critical 0-day Remote Code Execution vulnerability in Apache Struts. The vulnerability resides in the Apache Jakarta multipart parser and is triggered when it tries to parse the Content-Type header of the... Read more
Average Rating: 5.0
3 Reviews

What is Virtual Desktop Infrastructure (VDI)

What is VDI? Imagine not having to carry around a laptop or be sitting in a cubicle to access your work desktop applications. Virtual desktop infrastructure (VDI) is appealing to many different constituencies because it combines the benefits o... Read more
1 Review

Q/A with Admiral Group's Jinshu Peethambaran - DevCentral's Featured Member for March

Jinshu Peethambaran is a security architect currently working with Admiral Insurance. He started his career 9 years ago, managing network security operations and started working on F5 products about 5 years ago. He is also a 2017 DevCentral MVP... Read more
0 Reviews

Security Month on DevCentral

We are always interested in security at F5, but this month we are taking it a step further and highlighting lots of great security content on DevCentral. From discussing specific F5 security technology to looking back on security trends from 2016 to looking ahead at what's to come in 2017, the month of February on DevCentral will not disappoint! Read more
Average Rating: 5.0
3 Reviews

Cipher Rules And Groups in BIG-IP v13

DevCentral reviews Cipher Rules and Ciphers Groups in BIG-IP v13. Separating Cipher strings from SSL profiles allows us to ease cipher suite management so you can keep current with cryptographic trends and impress your friends. Read more
Average Rating: 5.0
3 Reviews

Cipher Suite Practices and Pitfalls

Cipher Suite Practices and Pitfalls It seems like every time you turn around there is a new vulnerability to deal with, and some of them, such as Sweet32, have required altering cipher configurations for mitigation.  Still other users may... Read more
Average Rating: 5.0
8 Reviews

CloudBleed: Guess What? There was 0-day protection

About CloudBleed If you aren’t familiar with CloudBleed, take a moment to read the following articles to get an understanding how it was found, what happened, and what PII/PCI data was (possibly) leaked: Vulnerability Disclosure from Tavis... Read more
Average Rating: 5.0
3 Reviews

Security Month on DevCentral: Challenge #2

As we highlight security on DevCentral this month, we wanted to pose a fun security challenge to exercise those brain cells a little bit. Our first challenge focused on decrypting a secret message. Our second and final challenge requires you to search for clues around the Internet and find/calculate a secret value. Read more
Average Rating: 5.0
3 Reviews

Killing my passwords (with his tools)

As I prepped for this password killing journey, I couldn’t get the Fugees “Killing Me Softly” out of my head. Lauryn Hill kills it in that song (pun intended.) So I wrote a little intro you can hum along to the tune…I’ll wait. Feeling my pain... Read more
2 Reviews

What To Expect In 2017: Security And Government Regulations

The government and cloud security's relationship is surprisingly hands off. Current regulations already extend their umbrellas over our data in flight and rest regardless who's IaaS/SaaS you're using. For us traditional enterprise... Read more
1 Review

What To Expect In 2017: Security In The Cloud

DevCentral examines cloud security trends for 2017 and takes a few stabs at the reality of your realistic requirements. Security is a chess board. Of the primary fundamentals in chess the King is the most valuable piece (losing the game if you lose the King) and the Queen is the most powerful piece (in terms of... Read more
1 Review

What to Expect in 2017: Mobile Device Security

We are mobile, our devices are mobile, the networks we connect to are mobile and the applications we access are mobile. Mobility, in all its iterations, is a huge enabler and concern for enterprises and it'll only get worse as we start wearing... Read more
0 Reviews

Security Month on DevCentral: Challenge #1

As we highlight security on DevCentral this month, we wanted to pose a fun security challenge to exercise those brain cells a little bit. Today's challenge focuses on cryptography. The object of this challenge is to figure out a plaintext message given some ciphertext and clues. Read more
Average Rating: 5.0
3 Reviews

Introducing the F5 Security Incident Response Team (F5 SIRT)

When your business is facing a security crisis, F5 has a team dedicated to helping you through it – the F5 Security Incident Response Team (SIRT). During a security incident, the F5 SIRT engages rapidly with the resources you need to respond. The F5 SIRT also evaluates potential and published vulnerabilities and provides timely alerts to help you manage risks and deploy mitigation – before an attack brings down your business. Read more
Average Rating: 5.0
3 Reviews

Abusing Open Resolvers

Open DNS resolvers can be used to recursively query authoritative name servers. In fact, a list of open resolvers can be found at http://openresolverproject.org/. Further, Network Time Protocol (NTP) servers with "monlist" enabled allow a host to query the last 600 connections who have connected to that server... Read more
0 Reviews

Encrypted malware vs. F5's full proxy architecture

Everyone knows that malware is a huge problem, and several recent studies have shown that nearly half of all malware is now encrypted. So, if all this malware is encrypted, then how do you go about finding it and stopping it if you can't even read it? Read more
1 Review

Security Trends in 2016: The Problem Of Ransomware

Ransomware is a specific type of malware that encrypts important information and keeps it encrypted until the ransom (typically money) has been paid. Until very recently, ransomware was not a widely-used type of malware, but it has absolutely exploded in popularity in the past few years... Read more
0 Reviews

Containers on the Rise

Insights from our 2017 State of Application Delivery survey. You can tell a lot about organizations use and adoption of technologies by how and where they want to deploy their app services. You may recall that app services is a big umbrella under... Read more
0 Reviews

Security Trends in 2016: Defending DDoS Attacks

Distributed Denial of Service (DDoS) attacks were huge in 2016, and they will likely be a tough nemesis again in 2017…and beyond!  With all the excitement and trepidation surrounding these attacks, it’s important to know how to defend against... Read more
1 Review

Lightboard Lessons: IoT on BIG-IP

As more organizations deploy IoT applications in their data centers and clouds, they're going to need their ADC to understand the unique protocols these devices use to communicate. In this Lightboard Lesson, I light up how IoT protocol MQTT... Read more
0 Reviews

Security Trends in 2016: Known Vulnerabilities Are Still Dangerous

FINISH HIM!  SSHowDowN Wins!  The proxy attack Akamai published on last October of 2016 sound like a character from Mortal Kombat. That would be a fun MK character, a little digitized malware-bot killing Sub-Zero or Goro.  In... Read more
2 Reviews

WordPress REST API Vulnerability: Violating Security’s Rule Zero

It's an API economy. If you don't have an API you're already behind. APIs are the fuel driving organizations' digital transformation. We've all heard something similar to these phrases in the past few years. And while they look... Read more
0 Reviews