Tag: visibility
Like many of my peers, I marvel at the amazing ways the cloud has changed our lives and how we work. At the same time, I’ve lost untold hours of sleep worrying about the security risks this transformation creates. As a CISO, I spend a big chunk of every day planning for, evaluating, and…
Read MoreThe problem is that real-time, actionable visibility – especially at the application layer where it’s increasingly critical – is often elusive to achieve. Even though we know it’s important to security efforts. To wit, in our State of Application Security 2016, the majority (57%) of respondents said a lack of visibility in the application layer is preventing strong…
Read MoreI’ve mentioned before how important strong risk management is to a CISO1. When it comes to risk, the applications our users depend on are a big concern. In a 2016 security survey2 conducted by Ponemon Institute on behalf of F5, a majority of respondents cited security around applications as an area of great concern. It makes…
Read MoreHi. I’m Mike Convertino, CISO of F5 Networks, and I want to welcome you to an experiment we’re conducting here at F5. We’ve laid the foundation of this CISO to CISO portal on an idea that has traditionally been somewhat controversial in the security community: openness. As you may or may not know, I spent…
Read MoreEver wonder what security professionals see as their main barrier to achieving a strong application security posture? We wondered that, too, so we asked them. As part of F5 Labs’ first annual Application Protection Report, F5, in conjunction with Ponemon Institute, surveyed security professionals on a slew of security-related topics. In answer to this particular…
Read MoreA vast majority of organisations have no visibility into encrypted traffic, nor do they have protection against automated attackers. In Mary Meeker’s most recent Internet Trends report, the numbers show that in the first quarter of 2019, 87 per cent of global web traffic was encrypted, up from 53 per cent just three years ago.…
Read MoreThe way we build, provision, maintain and secure apps continues to evolve. As agile development practices put pressure on operations, organizations move to DevOps where both functions are synchronized. This in turn puts pressure on the app security organization, and so we see more companies today adopting a DevSecOps model. At the same time, the…
Read MoreMuch of our threat research is focused on analyzing quantitative threat data—the larger the sample size, the better. However, the critical piece of information about a specific attack, the thing that differentiates it from the attacks that happened the day before or after, often lies in minute detail that is rarely captured in a large…
Read More