F5 has launched F5 Distributed Cloud App Infrastructure Protection (AIP), a cloud workload protection solution that expands application observability and protection to cloud-native infrastructures.
Powered by technology acquired with Threat Stack, AIP is the newest addition to the F5 Distributed Cloud Services portfolio of cloud-native SaaS-based application security and delivery services.
Organizations of all sizes across industries are in the midst of efforts aimed at simplifying, securing, and innovating application-driven digital experiences. However, many face the challenge of managing distributed and hybrid application infrastructures composed of workloads across on-premises, public cloud, and edge locations. This creates tremendous complexity and increases the security threat surface, and as a result customers are forced to deploy inconsistent security controls and lack necessary visibility, particularly for cloud-native deployments.
Attacks such as those exploiting Log4j and Spring4Shell can evade signature-based detection defense mechanisms and target vulnerabilities and misconfigurations within application infrastructure. Distributed Cloud AIP brings deep telemetry collection and high-efficacy intrusion detection for cloud-native workloads and—when combined with the in-line application and API security from F5 Distributed Cloud WAAP—delivers a defense-in-depth approach to security threats that span across applications, APIs, and the cloud-native infrastructures where they run.
“In order to move ahead in this digitized era, organizations are increasingly adopting microservices to accelerate their digital journeys, gaining competitive advantage. This new application environment, however, can be intimidatingly complex to manage and protect from security threats,” said Dhananjay Ganjoo, Managing Director for India and SAARC at F5. “F5 Distributed Cloud App Infrastructure Protection helps address these challenges by detecting threats in real-time across the entire infrastructure stack, guarding against emerging and unpredictable threats with enhanced telemetry collection and analytics.”
A large majority of organizations are now deploying microservices-based applications on cloud-native infrastructure and connecting them through APIs. This approach to application development can radically increase the pace of innovation while lowering total cost of ownership. However, vulnerabilities and misconfigurations at the infrastructure level leave these applications open to attack from both internal and external bad actors. These intruders leverage vulnerabilities in cloud services or stolen keys to get access to cloud-native resources, where they can move freely throughout the infrastructure, inject malware, run cryptominers, or access sensitive data.
