F5 Expands SaaS-Based Security Portfolio with New Distributed Cloud Application Infrastructure Protection

F5 (NASDAQ: FFIV) recently announced the launch of its cloud workload protection solution, F5 Distributed Cloud App Infrastructure Protection (F5 Distributed Cloud AIP), which extends application observability and security protection to cloud-native infrastructure. This solution is powered by Threat Stack, which was acquired by F5. AIP is the latest product in F5 's distributed cloud service portfolio, a cloud-native SaaS-based application security and application delivery service.

Today, enterprises of all sizes and in all industries are committed to providing simplified, secure and innovative digital experiences driven by applications. However, many enterprises face the challenge of managing distributed and hybrid application infrastructures, which are composed of workloads deployed on-premises, in the public cloud and at the edge. Multiple application deployment environments not only bring huge complexity, but also increase security threats, so customers are forced to deploy inconsistent security controls and lack the necessary visibility, especially for cloud-native deployments.

Some attacks, such as those using Log4j and Spring4Shell, can evade signature-based threat detection and defense mechanisms and target vulnerabilities and misconfigurations in application infrastructure. F5 Distributed Cloud AIP can be combined with embedded application and API security from F5 Distributed Cloud WAAP to provide deep telemetry data collection and efficient intrusion detection capabilities for cloud-native workloads, and respond to security threats across applications, APIs, and the cloud-native infrastructure environments where applications run by providing in-depth defense security capabilities.

“Many enterprises are managing a complex mix of hybrid and multi-cloud application architectures, which can hinder their digital innovation and create subsequent security risks,” said Kara Sprague, executive vice president and chief product officer at F5. “The F5 Distributed Cloud AIP meets a critical need for our customers who are looking for solutions that extend robust security protections to the multi-cloud infrastructure where modern applications run.”

Today, the vast majority of enterprises are deploying microservices-based applications on cloud-native infrastructure and connecting them through APIs. This approach to application development can increase the speed of innovation from the source while reducing the total cost of ownership. However, vulnerabilities and misconfigurations at the infrastructure level make these applications vulnerable to attacks by internal and external bad actors. These intruders exploit vulnerabilities in cloud services or stolen keys to access cloud-native resources, and then wreak havoc on the infrastructure, inject malware, run encryption programs, or access sensitive data, causing enterprise applications to face extremely high security risks.

F5 Distributed Cloud AIP has the following capabilities to help enterprises easily cope with security challenges:

By combining rules and machine learning, real-time threat detection can be performed on cloud vendor APIs, virtual machine instances, containers, and Kubernetes across the entire infrastructure stack. With behavior-based detection, F5 Distributed Cloud AIP will be able to identify internal threats, external threats, and data loss risks in modern applications.

Detect and alert on abnormal behaviors that affect workloads. Once potential malicious behavior is discovered, the operations team can be notified to take further action to prevent or remediate it.

Provides actionable insights based on advanced telemetry and malicious process detection at the application and cloud infrastructure level, complementing and enhancing existing signature- and behavior-based threat detection capabilities.

Professional F5 distributed cloud AIP managed security services, with a 24/7 on-call security operations center team that can provide security threat detection, classification and investigation services, and can design and build customized remediation solutions for customers.

F5 Distributed Cloud AIP Insights provides customized platform analytics and ongoing guidance from F5 cloud security experts to help customers build a stronger cloud SecOps strategy to better achieve business goals.