Reimagining App Security for a Hybrid and Multi-Cloud World

F5 customers tell us that flexibility in choosing the right environment—a specific public cloud, edge location, or on-premises data center—for each application is important to best serve the needs of the business. However, that flexibility comes at a high price: an exponentially expanding surface area for potential cyberattacks, loss of end-to-end visibility into the health and performance of digital services, and significantly increased operational complexity and cost.

Cybercriminals are rushing to capitalize on this alarming opportunity. There’s a breach every 39 seconds and a ransomware attack every 14 seconds, according to Cybersecurity Ventures.¹ In September 2022, criminals accessed nearly 10 million telecom customer records with enough personally identifiable information to open fraudulent bank accounts for each via an unsecured API endpoint.² A March 2022 phishing scam enabled North Korean hackers to steal more than $600 million in cryptocurrency from an online game.³ And that’s just a drop in the bucket of the estimated $6 trillion in damages caused by cybercriminals in 2022 alone.⁴ To put that in perspective, measured as a country, cybercrime is the world's third largest economy after the U.S. and China.

A little more than a year ago, I discussed the imperative for organizations to deploy robust application and API security capabilities that enable the management and enforcement of consistent security policies across distributed deployments. That directive is even more urgent and important today as organizations face an ever-expanding attack surface that spans traditional and modern application architectures and multiple clouds, on-prem data centers, and edge sites.

These distributed environments represent a new normal in our digital world, so it’s critical to mitigate the operational complexity that accompanies them. Let me be clear: multi-cloud networking is not just about connecting clouds at the network and transport layers. Such an approach is operationally complex, can lead to resource contention, and does little to enhance the security of your apps and APIs. A better approach is to adopt a multi-cloud networking solution that spans from the transport layer to the presentation layers, with integrated application security capabilities such as a web app firewall (WAF), API security, bot management, and DDoS protection.

A good first step in implementing a comprehensive multi-cloud networking (MCN) solution is reducing the number of components and vendors in your security ecosystem. That may be why 88% of respondents to the 2023 SOAS survey stated that they’re adopting a security platform in place of multiple point solutions. That is also why we are investing heavily in our F5 Distributed Cloud Platform, a hybrid and multi-cloud solution built to make it easier to secure, deliver, and optimize traditional and modern apps wherever they’re deployed.

Distributed Cloud Services provide connectivity and security at both the network and application layers. That means that you can securely connect between locations within a single cloud service provider or across different providers, as well as natively connect and secure distributed digital services, giving your end users superior security, availability, and performance while reducing the operational complexity for your business.

By using a consistent set of multi-cloud application security and delivery solutions across your application and API portfolio, you can strengthen security, improve performance and resilience, streamline deployments, and unify policies across on-premises, public cloud, and edge environments. Whether you’ve got legacy apps deployed in your data center, hybrid apps connected by APIs, microservices-based apps that rely on distributed Kubernetes clusters, or—as is most likely according to the latest SOAS data—all of the above, we’ve got you covered.

It’s clear that modern digital enterprises need MCN solutions, but not all solutions are created equal. Where other MCN offerings stop at connecting the infrastructure your applications run on, F5 Distributed Cloud Services connect distributed environments—multiple clouds, edge locations, on-premises data centers—as well as the actual applications deployed in them.

Distributed Cloud Services simplify network and app connectivity

Respondents to the 2023 SOAS survey reported that applying consistent security policies is the second most common challenge (after tool and API complexity) of deploying applications in multiple clouds. Two newly available Distributed Cloud SaaS solutions help increase the security of multi-cloud deployments, while improving observability and reducing complexity. Distributed Cloud Network Connect makes it simple (and secure) to deploy connectivity across cloud locations and cloud providers. Plus, with rich observability capabilities, Network Connect helps administrators quickly identify and resolve potentially disruptive network issues. Higher up the stack beyond the transport layer, Distributed Cloud App Connect combines comprehensive app networking and security with faster provisioning and ease of use in a single, easy-to-use console.

F5 is uniquely positioned to make multi-cloud networking easier by connecting and securing any app and API, anywhere—enabling fast network-to-network and workload-to-workload connectivity across different cloud locations, data centers, hybrid environments, and enterprise edge sites.

At F5, we understand that security is about creating a safer digital world for all of us. Our security solutions help you protect what matters most to your business by providing superior efficacy and ease-of-use compared to cloud-native security tools. Plus, we can help you reduce the operational complexity of hybrid and multi-cloud environments by consolidating app delivery and protection and consistently enforcing security policy.

This week, we announced several new security capabilities to give you comprehensive protection and control as you manage apps and APIs across on-premises, cloud, and edge locations.

Safeguarding digital services with AI-powered app and API security

F5 offers a comprehensive suite of offerings that deliver robust protection for apps, APIs, and the digital services they power. The new machine-learning-based capabilities of Distributed Cloud API Security can help you temper the complexity that respondents to this year’s SOAS survey called their biggest multi-cloud challenge. By incorporating API auto-discovery, policy enforcement, and anomaly detection into our web application and API protection (WAAP) service, F5 boosts API protection while simplifying operations through a single console for both application and API security. We also introduced new AI-driven WAF capabilities, which make it easier to block malicious traffic while reducing the time your security teams spend correcting false positives and enabling legitimate users to seamlessly access your applications.

Complexity is simply a reality for organizations as they work to secure their apps and APIs across distributed environments. But you don’t have to do it alone. Respondents to the 2023 SOAS survey told us that one of their primary reasons for adopting Security as a Service (SECaaS) offerings is a lack of personnel with the appropriate skillsets. Our new WAAP managed service offering puts the F5 SOC experts to work for you while ensuring that your critical assets get the WAF, bot defense, and DDoS protection they need across all environments. We’ve also added a portal to enable our service provider partners to custom-design their own managed service offering from F5 Distributed Cloud WAAP solutions.

Our goal with the Distributed Cloud Platform and the entire F5 portfolio is to help radically simplify the complex task of app and API security in a distributed world—giving you the confidence of comprehensive protection no matter how your apps are built or where they live.

¹ https://www.enterpriseappstoday.com

² https://www.theguardian.com

³ https://www.bbc.com

⁴ https://www.enterpriseappstoday.com