F5 announced the launch of F5 Distributed Cloud App
Infrastructure Protection (AIP), a cloud workload protection solution
that expands application observability and protection to cloud-native
infrastructures. Powered by technology acquired with Threat Stack, AIP
is the newest addition to the F5 Distributed Cloud Services portfolio of cloud-native SaaS-based application security and delivery services.
Organizations of all sizes across industries are in the midst of efforts
aimed at simplifying, securing, and innovating application-driven
digital experiences. However, many face the challenge of managing
distributed and hybrid application infrastructures composed of workloads
across on-premises, public cloud, and edge locations. This creates
tremendous complexity and increases the security threat surface, and as a
result customers are forced to deploy inconsistent security controls
and lack necessary visibility, particularly for cloud-native
deployments.
Attacks such as those exploiting Log4j and Spring4Shell can evade
signature-based detection defense mechanisms and target vulnerabilities
and misconfigurations within application infrastructure. Distributed
Cloud AIP brings deep telemetry collection and high-efficacy intrusion
detection for cloud-native workloads and-when combined with the in-line
application and API security from F5 Distributed Cloud WAAP-delivers
a defense-in-depth approach to security threats that span across
applications, APIs, and the cloud-native infrastructures where they run.
"Organizations are managing a dauntingly complex mix of hybrid and
multi-cloud application architectures that can slow the pace of digital
innovation and create subsequent security risks," said Kara Sprague,
Executive Vice President and Chief Product Officer, F5. "The addition of
AIP fills a critical need for customers as they look for ways to extend
robust security controls to multiple cloud infrastructures where they
run their modern applications."
A large majority of organizations are now deploying microservices-based
applications on cloud-native infrastructure and connecting them through
APIs. This approach to application development can radically increase
the pace of innovation while lowering total cost of ownership. However,
vulnerabilities and misconfigurations at the infrastructure level leave
these applications open to attack from both internal and external bad
actors. These intruders leverage vulnerabilities in cloud services or
stolen keys to get access to cloud-native resources, where they can move
freely throughout the infrastructure, inject malware, run cryptominers,
or access sensitive data.
F5 Distributed Cloud App Infrastructure Protection addresses these challenges through:
-
A combination of rules and machine learning to detect threats in real
time across the entire infrastructure stack: cloud provider APIs,
virtual machine instances, containers, and Kubernetes. With
behavioral-based detection, AIP can identify insider threats, external
threats, and data loss risk for modern applications.
-
Detection and alert of anomalous behavior impacting workloads to inform
operations teams of potentially malicious activity that may require
further action to block or remediate.
-
Complementing existing signature- and behavioral-based threat detection
capabilities with actionable insights from advanced telemetry and
detection of post-exploit activity at the app and cloud infrastructure
level.
-
F5 Distributed Cloud AIP Managed Security Services, an "always-on"
Security Operations Center team that detects, triages, and investigates
threats and provides remediation recommendations on behalf of customers.
-
F5 Distributed Cloud AIP Insights, providing custom platform analytics
and ongoing coaching from F5's cloud security experts to help customers
build a stronger cloud SecOps strategy and better achieve their goals.