Category: AI in news
The way we build, provision, maintain and secure apps continues to evolve. As agile development practices put pressure on operations, organizations move to DevOps where both functions are synchronized. This in turn puts pressure on the app security organization, and so we see more companies today adopting a DevSecOps model. At the same time, the…
Read MoreLooking at cloud breaches over the last few years, it’s easy to get the impression that most were easily avoidable events that occurred due to silly misconfigurations, ugly failure modes, or borderline negligent architectures. To put it bluntly, these cloud breaches look stupid. But the people and the organizations designing and running these systems—both the…
Read MoreApplications have become the infrastructure of the internet. They are in everything from phones to thermostats, cars to power grids. And for every digital transformation enabled by apps, the application itself is a primary target, along with the business logic it supports and all its underlying data. For one thing, an app isn’t just an…
Read MoreThe F5 2019 State of Application Services Report noted that more than half (53%) of respondents were more confident about protecting applications on premises than in the public cloud (38%). It is normal to be uneasy about cloud security. Security in the cloud is a double-edged sword: it can render traditional security measures impotent, but…
Read MoreWith the cloud, containers and microservices, we’re navigating an environment that includes clients, proxies, web servers, app servers, ingress controllers, containers, sidecars, and a range of microservices performing more and more specialized functions—a whole world purely intrinsic to applications. The complexity involved in the presentation of an app today rivals that of the internet itself…
Read MoreApplication programming interfaces have always been important gateways to our applications, but in recent years, they’ve silently become both more prevalent and more central to app functionality. APIs are everywhere and inside of everything we’re using now. Here’s what I mean: In our workplace, more and more traditional business services are being delivered or amplified…
Read MoreWhile cloud allows us to offload many responsibilities to third party providers, risk is not one of them. What’s more, is that the rising use of cloud, shared code libraries and other third party resources reduces the visibility and control businesses have over their apps and data – making them even more vulnerable. Businesses today…
Read MoreWe launched the CISO-to-CISO section of F5 Labs in January 2017, with a welcome message from then F5 CISO, Mike Convertino, talking about how we want to encourage security leaders to share and openly discuss ideas on how they protect their organizations. It’s all about security leaders sharing advice for other security leaders. Well, three…
Read MoreWeb Application Security Our biggest research story of the year was our 2019 Application Protection Series, which focused on looking at an entire year of application-related breaches as well as a year of global web attack traffic. In that story, we noted how PHP vulnerabilities comprise 81% of the attack traffic, much of it…
Read MoreFrom tech giants and gamers to politicians and retailers, nobody is safe from today’s mutating threat landscape. 2019 was another frenzied maelstrom of cyberattacks, mitigations, pre-emptions and preventions, with the old (phishing and DDoS et al) rubbing havoc-wreaking shoulders with the new (new vistas in cyberwars, automation and AI). As ever, continuous pressure also begets…
Read More