Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology

Articles

Sort results

APAC market research points to WAF being integrated with application delivery

We entered 2014 on a fillip. Frost & Sullivan had just named us the vendor leading WAF market in Asia Pacific and Japan. The Frost Industry Quotient, put F5 and nine other companies under their analytical magnifying glass, examining our mark... Read more
0 Reviews

Inside Look: BIG-IP ASM Botnet and Web Scraping Protection

I hang with WW Security architect Corey Marshall to get an inside look at the Botnet detection and Web scraping protection in BIG-IP ASM. LimelightPlayerUtil.initEmbed('limelight_player_846028');   ps Related: F5's YouTube... Read more
1 Review

In 5 Minutes or Less: BIG-IP ASM & Cenzic Scanner

I show you in this special extended edition of In 5 Minutes or Less, how BIG-IP ASM is integrated with Cenzic Hailstorm Scanner for complete website protection. From vulnerability checking to detection to remediation, With a few clicks, you can... Read more
0 Reviews

Oracle OpenWorld 2012: BIG-IP ASM and Oracle Database Firewall Integration

I meet with F5 Business Development Solution Architect, Chris Akker to show the BIG-IP ASM integration with Oracle's Database Firewall. A layered, defense-in-depth approach along with the contextual information needed for digital forensic... Read more
0 Reviews

Persistent Threat Management

#dast #infosec #devops A new operational model for security operations can dramatically reduce risk Examples of devops focuses a lot on provisioning and deployment configuration. Rarely mentioned is security, even though there is likely no... Read more
0 Reviews

Quantifying Reputation Loss From a Breach

#infosec #security Putting a value on reputation is not as hard as you might think… It’s really easy to quantify some of the costs associated with a security breach. Number of customers impacted times the cost of a first class stamp plus the... Read more
0 Reviews

Block Attack Vectors, Not Attackers

When an army is configuring defenses, it is not merely the placement of troops and equipment that must be considered, but the likely avenues of attack, directions the attack could develop if it is successful, the terrain around the avenues of... Read more
0 Reviews

Vulnerability Assessment with Application Security

The longer an application remains vulnerable, the more likely it is to be compromised. Protecting web applications is an around-the-clock job. Almost anything that is connected to the Internet is a target these days, and organizations are... Read more
0 Reviews

F5 Case Study: WhiteHat Security

Founder & CTO of WhiteHat Security, Jeremiah Grossman talks about the F5/WhiteHat partnership, the benefits of the WhiteHat Sentinel & BIG-IP ASM integration, the sophistication level of some of the recent attacks/breaches reported in the... Read more
0 Reviews

Why Developers Should Demand Web App Firewalls.

The Web Application Firewall debate has been raging for a very long time, and we keep hearing the same comments going back and forth. Many organizations have implemented them as a fast-track to compliance, primarily compliance with PCI-DSS, bu... Read more
1 Review

F5 Friday: Zero-Day Apache Exploit? Zero-Problem

#infosec A recently discovered 0-day Apache exploit is no problem for BIG-IP. Here’s a couple of different options using F5 solutions to secure your site against it. It’s called “Apache Killer” and it’s yet another example of exploiting not a... Read more
0 Reviews

It Is Not What The Market Is Doing, But What You Are.

We spend an obsessive amount of time looking at the market and trying to lean toward accepted technologies. Seriously, when I was in IT management, there were an inordinate number of discussions about the state of market X or Y. While these... Read more
0 Reviews

F5 Friday: If Only the Odds of a Security Breach were the Same as Being Hit by Lightning

#v11 AJAX, JSON and an ever increasing web application spread increase the odds of succumbing to a breach. BIG-IP ASM v11 reduces those odds, making it more likely you’ll win at the security table When we use analogy often enough it becomes... Read more
0 Reviews

When the Data Center is Under Siege Don’t Forget to Watch Under the Floor

Don’t get so focused on the trebuchets, mangonels and siege towers that you forget about the sappers. We often compare data center security to castles and medieval defenses. If we’re going to do that, we ought to also consider the nature of... Read more
0 Reviews

Security in the Cloud. Developers, About Face!

There is a theory in traditional military strategy that goes something along the lines of “take land, consolidate your gains, take more land…” von Moltke the Elder found this theory so profound that he suggested a defender could trade land fo... Read more
0 Reviews

Window Coverings and Security

Note: While talking about this post with Lori during a break, it occurred to me that you might be thinking I meant “MS Windows”. Not this time, but that gives me another blog idea… And I’ll sneak in the windows –> Windows simile somewhere, no... Read more
0 Reviews

F5 Friday: Expected Behavior is not Necessarily Acceptable Behavior

Sometimes vulnerabilities are simply the result of a protocol design decision, but that doesn’t make it any less a vulnerability An article discussing a new attack on social networking applications that effectively provides an opening through... Read more
0 Reviews

F5 Friday: Two Heads are Better Than One

Detecting attacks is good, being able to do something about it is better. F5 and Oracle take their collaborative relationship even further into the data center, integrating web application and database firewall solutions to improve protection... Read more
0 Reviews

What Developers Should Or Should Not Do.

Recently I was in a conversation where someone seriously suggested that Web Application Acceleration and WAN Optimization should be the job of developers, since they are in the code and creating the network traffic. At first I was taken aback b... Read more
0 Reviews

How To Limit URI Length Without Recompiling Apache

Use network-side scripting, of course! While just about every developer and information security professional knows that a buffer-overflow exploit can result in the execution of malicious code not many truly grok the “why”. Fortunately, it’s not... Read more
0 Reviews

F5 Friday: Multi-Layer Security for Multi-Layer Attacks

Modern DoS attacks are distributed, diverse and cross the chasm that divides network components from application infrastructure. A unified application delivery platform with multi-layer visibility is the best way to detect and mitigate multi-layer... Read more
0 Reviews

What We Learned from Anonymous: DDoS is now 3DoS

It’s not just that attacks are distributed, but that attacks are also diverse in nature – up and down the stack, at the same time. If Anonymous has taught us anything it’s that the future of information security is in fending off attacks across... Read more
0 Reviews

F5 Friday: Is Your Infosec Motto ‘Compone Accomoda Supera’?

That’s “Improvise. Adapt. Overcome.” and it should be if it isn’t. The right tools can help you live up to that motto.  If you Google “Zeus Trojan” you’ll find a wealth of information. Unfortunately all that wealth appears to be draining... Read more
0 Reviews

F5 Friday: You’ll Catch More Bees with Honey(pots)

Catching bees with honey(pots) means they’re preoccupied with something other than stinging you. Pop quiz time…pencils ready? Go. Is it good or bad to block malicious requests? If your answer was “that depends on a lot of different factors” then... Read more
1 Review

Congratulations! You do no nothing faster than anyone else!

If you’re going to test performance of anything make sure it’s actually doing what it’s designed to do. Race cars go really fast too – but they don’t get you anywhere but around and around in a big circle. Speed is important, especially in... Read more
0 Reviews