Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

Articles

Sort results

F5 Agility Summit 2012 - Splunk

I meet with Splunk's Will Hayes, Director of Business Development at F5's Agility Summit. We get a look at some of the newest Splunk reports for F5's BIG-IP solutions including the BIG-IP Data Center Firewall Solution. ps ... Read more
0 Reviews

Interop 2012 - F5 in the Interop NOC Statistics

I meet with F5's Professional Services Consultant Sam Richman to review some of the stats from the World’s Largest Portable Network.  Highlights  included:  BIG-IP Data Center Firewall pushed a Terabyte of data; BIG-IP Web... Read more
0 Reviews

RSA 2012 - BIG-IP Data Center Firewall Solution

Peter Silva interviews F5 Security Product Manager Preston Hogue about the BIG-IP Data Center Firewall Solution, BIG-IP's ICSA Certification and some BIG-IP differences vs. traditional firewalls. ";" alt="" />RSA 2012 -... Read more
0 Reviews

Vulnerability Assessment with Application Security

The longer an application remains vulnerable, the more likely it is to be compromised. Protecting web applications is an around-the-clock job. Almost anything that is connected to the Internet is a target these days, and organizations are... Read more
0 Reviews

F5 Case Study: WhiteHat Security

Founder & CTO of WhiteHat Security, Jeremiah Grossman talks about the F5/WhiteHat partnership, the benefits of the WhiteHat Sentinel & BIG-IP ASM integration, the sophistication level of some of the recent attacks/breaches reported in the... Read more
0 Reviews

F5 Friday: If Only the Odds of a Security Breach were the Same as Being Hit by Lightning

#v11 AJAX, JSON and an ever increasing web application spread increase the odds of succumbing to a breach. BIG-IP ASM v11 reduces those odds, making it more likely you’ll win at the security table When we use analogy often enough it becomes... Read more
0 Reviews

Window Coverings and Security

Note: While talking about this post with Lori during a break, it occurred to me that you might be thinking I meant “MS Windows”. Not this time, but that gives me another blog idea… And I’ll sneak in the windows –> Windows simile somewhere, no... Read more
0 Reviews

F5 Friday: Two Heads are Better Than One

Detecting attacks is good, being able to do something about it is better. F5 and Oracle take their collaborative relationship even further into the data center, integrating web application and database firewall solutions to improve protection... Read more
0 Reviews

How To Limit URI Length Without Recompiling Apache

Use network-side scripting, of course! While just about every developer and information security professional knows that a buffer-overflow exploit can result in the execution of malicious code not many truly grok the “why”. Fortunately, it’s not... Read more
0 Reviews

Defeating Attacks Easier Than Detecting Them

Defeating modern attacks – even distributed ones – isn’t the problem. The problem is detecting them in the first place. Last week researchers claimed they’ve discovered a way to exploit a basic security flaw that’s used in software that’s in... Read more
0 Reviews

Why Is Reusable Code So Hard to Secure?

Being an efficient developer often means abstracting functionality such that a single function can be applied to a variety of uses across an application. Even as this decreases risk of errors, time to develop, and the attack surface necessary to... Read more
0 Reviews

No Shirt, No Shoes, No HTTP Service

Using Anonymous Human Authentication to prevent illegitimate access to sites, services, and applications. In the “real world” there are generally accepted standards set for access to a business and its services. One of the most common standards... Read more
0 Reviews

Web Application Security at the Edge is More Efficient Than In the Application

If one of the drivers for moving to cloud-based applications is reducing costs, you should think twice about the placement of application security solutions. There’s almost no way to avoid an argument on this subject so I won’t tiptoe around it:... Read more
1 Review

Rip and Replace Won’t Solve Twitter’s (Or Your) Security Problems

The “replace” in “rip and replace” essentially means getting rid of old security problems and replacing them with new ones. Twittergate is (thankfully) behind us but it’s almost assuredly going to be the case that we’ll be rehashing this one for... Read more
0 Reviews

The Gluten-free Application Network

If you haven’t got your (applications’) health, then you haven’t got anything If you happen to be unlucky enough to suffer from Celiac disease - gluten intolerance (wheat, barley, oats, rye) - then you know how important it is to keep gluten out... Read more
0 Reviews

Jedi Mind Tricks: HTTP Request Smuggling

How to defeat the ancient Jedi mind trick known as HTTP Request Smuggling.  HTTP Request Smuggling (HRS) is not a new technique; it's been around since 2005. It takes advantage of architectures where one or more intermediaries (proxies)... Read more
0 Reviews

Web Application Security: Where do we go from here?

You're standing in line at the bank when someone walks in. You instinctively look around and notice the newcomer is wearing sunglasses,  and a hooded sweatshirt. His hands are both inside the pockets of his sweatshirt, even though... Read more
0 Reviews

Which security strategy takes more time: configuration or coding?

One of the arguments against the deployment of web application firewalls (WAF) is that it takes time to configure these devices to fit each individual environment. This is allegedly one of the reasons that secure coding is preferred over security... Read more
0 Reviews

BusinessWeek takes viral advertising a little too seriously

Yesterday it was reported that BusinessWeek had been infected with malware via an SQL injection attack. [begin Mom lecture] Remember when we talked about PCI DSS being a good idea for everyone, even though... Read more
0 Reviews