Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters

Articles

Sort results

APAC market research points to WAF being integrated with application delivery

We entered 2014 on a fillip. Frost & Sullivan had just named us the vendor leading WAF market in Asia Pacific and Japan. The Frost Industry Quotient, put F5 and nine other companies under their analytical magnifying glass, examining our mark... Read more
0 Reviews

DNSSEC – the forgotten security asset?

An interesting article from CIO Online last month explained how DNS had been used to identify over 700 instances of a managed service provider’s customers being infected with malware. The MSP was able to determine the malware using DNS. As the... Read more
0 Reviews

Context. SDN. Big Data. Security. Cloud.

That's right, something for everyone.  F5 recently attended IP Expo in the UK.  We had some speaker sessions at the event - some readers might have come along and seen them live.  The event organisers did a nice job of filming... Read more
0 Reviews

"Why Legacy Security Systems are Failing"

As explained by Nathan Pearce during a presentation at the National Security Conference in the UK earlier this year.  Non-technical, real-life, worth taking a few minutes to listen to: Read more
0 Reviews

Videos from F5's recent Agility customer / partner conference in London

A week or so ago, F5 in EMEA held our annual customer / partner conference in London.  I meant to do a little write-up sooner but after an incredibly busy conference week I flew to F5's HQ in Seattle and didn't get round to posting... Read more
0 Reviews

Information Age 'How To' Guide to securing the enterprise

From secure remote access tips to technical precautions to defend web app functionality, this guide, published in conjunction with Information Age, has it all. Contributors include several of F5's best security people. Read more
0 Reviews

F5 Friday: Goodbye Defense in Depth. Hello Defense in Breadth.

#adcfw #infosec F5 is changing the game on security by unifying it at the application and service delivery layer. Over the past few years we’ve seen firewalls fail repeatedly. We’ve seen business disrupted, security thwarted, and reputations... Read more
0 Reviews

The Fundamental Problem with Traditional Inbound Protection

#adcfw #RSAC #infosec The focus on bandwidth and traffic continue to distract from the real problems with traditional inbound protections … The past year brought us many stories focusing on successful attacks on organizations for a wide variety... Read more
0 Reviews

“You can use Application Delivery Controllers as firewalls?”

When F5 sent out a global survey to 1000 large organisations worldwide, concentrating on complex attacks and how people defend against them, some of the questions related to what people use to protect their web-facing applications. In one section... Read more
0 Reviews

F5 Friday: When Firewalls Fail…

New survey shows firewalls falling to application and network DDoS with alarming frequency… With the increasing frequency of successful DDoS attacks there has come a few studies focusing on organizational security posture – readiness, awareness,... Read more
0 Reviews

F5 Friday: Expected Behavior is not Necessarily Acceptable Behavior

Sometimes vulnerabilities are simply the result of a protocol design decision, but that doesn’t make it any less a vulnerability An article discussing a new attack on social networking applications that effectively provides an opening through... Read more
0 Reviews

F5 Friday: Two Heads are Better Than One

Detecting attacks is good, being able to do something about it is better. F5 and Oracle take their collaborative relationship even further into the data center, integrating web application and database firewall solutions to improve protection... Read more
0 Reviews

F5 Friday: Multi-Layer Security for Multi-Layer Attacks

Modern DoS attacks are distributed, diverse and cross the chasm that divides network components from application infrastructure. A unified application delivery platform with multi-layer visibility is the best way to detect and mitigate multi-layer... Read more
0 Reviews

What We Learned from Anonymous: DDoS is now 3DoS

It’s not just that attacks are distributed, but that attacks are also diverse in nature – up and down the stack, at the same time. If Anonymous has taught us anything it’s that the future of information security is in fending off attacks across... Read more
0 Reviews

Are You Scrubbing the Twitter Stream on Your Web Site?

Never never trust content from a user, even if that user is another application. Web 2.0 is as much about integration as it is interactivity. Thus it’s no surprise that an increasing number of organizations are including a feed of their recent... Read more
0 Reviews

Are You Scrubbing the Twitter Stream on Your Web Site?

Never never trust content from a user, even if that user is another application. Web 2.0 is as much about integration as it is interactivity. Thus it’s no surprise that an increasing number of organizations are including a feed of their recent... Read more
0 Reviews

No Shirt, No Shoes, No HTTP Service

Using Anonymous Human Authentication to prevent illegitimate access to sites, services, and applications. In the “real world” there are generally accepted standards set for access to a business and its services. One of the most common standards... Read more
0 Reviews

When Is More Important Than Where in Web Application Security

While you spend your time arguing over where application security belongs, miscreants are taking advantage of vulnerabilities. By the time you address the problem, they’ve moved on to the next one. Dmitry Evteev @ Positive Technologies Research... Read more
0 Reviews

Twitter Account Lockouts Continue to Plague Users

Brute force attacks by spammers seeking easy access causing frustration for users with no resolution in sight At least once a day I see someone on Twitter broadcast that they have been “locked out of their Twitter account, temporarily.” A search... Read more
0 Reviews

Web Application Security at the Edge is More Efficient Than In the Application

If one of the drivers for moving to cloud-based applications is reducing costs, you should think twice about the placement of application security solutions. There’s almost no way to avoid an argument on this subject so I won’t tiptoe around it:... Read more
1 Review

I am in your HTTP headers, attacking your application

Zero-day IE exploits and general mass SQL injection attacks often overshadow potentially more dangerous exploits targeting lesser known applications and attack vectors. These exploits are potentially more dangerous because once proven through a... Read more
0 Reviews

3 reasons you need a WAF even if your code is (you think) secure

Everyone is buzzing and tweeting about the SANS Institute CWE/SANS Top 25 Most Dangerous Programming Errors, many heralding its release as the dawning of a new age in secure software. Indeed, it's already changing purchasing requirements.... Read more
0 Reviews

Security is not a luxury item

In the face of a recession everyone, individuals and organizations alike, begin scaling back spending. The first thing to go is luxury items; after all, you probably didn't need that big screen TV for Christmas, and the kids will likely be... Read more
0 Reviews

Which security strategy takes more time: configuration or coding?

One of the arguments against the deployment of web application firewalls (WAF) is that it takes time to configure these devices to fit each individual environment. This is allegedly one of the reasons that secure coding is preferred over security... Read more
0 Reviews

You're Doing It Wrong

Don and I were discussing security as a service and, as usual, he spouted off some wisdom in the form of an analogy that was too good to not to share. When you're walking down the street with your entourage and an angry, I mean really angr... Read more
0 Reviews