F5 has extended the reach of its cloud security platform to include the infrastructure that applications are deployed on using technology it gained with the acquisition of ThreatStack in late 2021.
Chris Ford, regional vice president for F5, said F5 Distributed Cloud App Infrastructure Protection (AIP) expands the scope of the capabilities that the company now provides via its software-as-a-service platform. F5 Distributed Cloud AIP combines the collection of telemetry data with an intrusion detection capability that uses rules and machine learning algorithms in real-time to expand the scope of a platform that already protects both web applications and application programming interfaces (APIs).
As such, F5 Distributed Cloud AIP can identify a wide range of anomalous behavior indicative of malicious activity such as insider threats, external threats and potential data loss risks across both applications and infrastructure, said Ford.
Additionally, F5 includes an option that makes available a set of F5 Distributed Cloud AIP managed security services via a security operation center (SOC) it manages and F5 Distributed Cloud AIP Insights, an analytics platform through which F5 also makes cloud security experts available.
The overall goal is to provide an integrated zero-trust approach to cybersecurity that uses machine learning algorithms to track the identities of users, applications and machines across a distributed computing environment, said Ford. The challenge cybersecurity teams face today is that businesses will not slow down the pace of innovation, so the onus is now on cybersecurity teams to find ways to maintain policies as IT environments continuously evolve, he noted.
That approach is required because cybercriminals now routinely launch attacks that span multiple attack vectors, added Ford.
The additions to the F5 cloud platform are the latest example of an ongoing convergence of capabilities that simultaneously improve cybersecurity while lowering total costs. In addition to mandates to reduce costs, many cybersecurity teams still struggle to find and retain expertise. A cloud platform enables those teams to maintain a layered defense-in-depth approach to cybersecurity in a way that doesn’t require as many point products that need to be individually managed, noted Ford.
There are, of course, no shortage of options when it comes to centralizing the management of cybersecurity in the cloud era. Less clear is how heavily cybersecurity teams will continue to rely on point products as centralization gains momentum. Many cybersecurity teams are reluctant to replace platforms that have, over several years, been specifically tuned for their environments. Others, however, may have lost track of what rules and policies have been implemented by successive administrators.
Regardless of approach, most organizations will, at the very least, review their cybersecurity strategies in 2023. The days when organizations could primarily rely on firewalls and antivirus software are long over as cyberattacks continue to increase in volume and sophistication. There may never be such a thing as perfect security, but if organizations fail to adapt to evolving threats, they’ll almost certainly experience a negative outcome.