While a majority of organizations (96%) are deploying AI models, most worry about AI model security, according to the latest F5 State of Application Strategy report. And rightly so because many traditional security tools do not adequately support or protect modern AI workloads. After all, AI has different and varying development environments, architectures, components, and vector stores that fall outside traditional application security tooling.
But the disturbing fact is that fewer than 4 in 10 organizations (37%) have processes in place to evaluate the security of AI systems before they move to deployment, according to the World Economic Forum's Global Cybersecurity Outlook 2025 survey. At the rate AI is being adopted both with and without the security team’s blessing, there’s trouble on the horizon for organizations that don’t put in the proper guardrails and security protocols regarding their AI deployments and usage.
Accelerate and secure AI development
Luckily, there are great ways to accelerate and secure AI app development from AWS and F5. Amazon offers a portfolio of development services such as Amazon Q Developer to Amazon Bedrock and Amazon SageMaker that can accelerate AI app development and help deliver faster ROI on an organization’s AI investment.
“At the rate AI is being adopted both with and without the security team’s blessing, there’s trouble on the horizon for organizations that don’t put in the proper guardrails and security protocols regarding their AI deployments and usage.”
F5 delivers an AWS-native layer of protection and assurance: continuous AI red teaming to identify vulnerabilities before deployment, and adaptive runtime guardrails to stop AI data leakage, harmful outputs, and policy violations.
Together, F5 and AWS enable enterprises to innovate safely, leveraging AWS’s elastic compute, observability, and compliance capabilities to operationalize trusted AI across industries.
Securing and managing AI agents and APIs
As my colleague, Louise Scully, noted in her blog about securing agentic AI, organizations are experimenting with orchestration agents, specialized worker agents, and tool-using workflows that can coordinate actions across applications and services. More than any open-ended, chat-based tool, agents have the power to transform, exponentially expanding what teams are capable of without adding headcount. While most traditional security tools do not adequately support or protect modern AI workloads, F5 has solutions:
- F5 AI Red Team validates AI agents against tens of thousands of real-world attack signatures, uncovering prompt injection, data leakage, and privilege escalation risks before release.
- F5 AI Guardrails enforces runtime protection and policy compliance, ensuring every agent operates securely within pre-determined output boundaries across any environment, including Amazon EKS or AWS Fargate.
As organizations pursue agentic and generative AI, they increasingly rely on APIs to connect AI models and agents to applications and data for training and inference. But the more API connections, the higher the risk. Threat actors can abuse APIs to exfiltrate data, jailbreak AI models, and steal models and other AI intellectual property. A single AI application can have upwards of hundreds of API endpoints. Any security-conscious organization needs to be securing their AI APIs against threats.
The hidden costs of shadow AI
If you think shadow AI isn’t a problem in your organization, think again. According to IBM's 2025 Cost of Data Breach Report, one in five organizations surveyed experienced a cyberattack because of security issues with shadow AI. Furthermore, the average cost of those attacks was $670,000 more than organizations with little or no shadow AI. The takeaway is simple: organizations that fail to control shadow AI are at significant financial risk.
Together, F5 and AWS offer:
- Continuous discovery that monitors for any new API endpoints that connect to AI services, enabling real-time visibility and quickly revealing when new AI services are being used.
- Access controls to ensure that new API endpoints follow due process for authentication and enforce the principle of least privilege—no higher access than is needed.
- Input/output validation that checks all data going to and from AI models to prevent malicious prompts from coming in or sensitive data from going out.
- Rate limiting to enforce thresholds for API calls, preventing systems from being overloaded, as in the case of a denial-of-service (DoS) attack.
- Anomaly detection, as in any monitoring software, that checks for suspicious behaviors in traffic patterns.
Ensuring a successful and secure AI journey, together
With over 10 years of partnership with AWS and 20 AWS certifications, F5 is committed to technical excellence and customer success. Together, F5 and AWS enable organizations to build and maintain AI-powered applications that are secure, available, and efficient. Comprehensive solutions and services ensure that organizations can drive innovation while protecting sensitive data and maintaining an exceptional user experience.
Learn more about F5 solutions for AWS.
About the Author
Related Blog Posts
Why sub-optimal application delivery architecture costs more than you think
Discover the hidden performance, security, and operational costs of sub‑optimal application delivery—and how modern architectures address them.
Keyfactor + F5: Integrating digital trust in the F5 platform
By integrating digital trust solutions into F5 ADSP, Keyfactor and F5 redefine how organizations protect and deliver digital services at enterprise scale.
Architecting for AI: Secure, scalable, multicloud
Operationalize AI-era multicloud with F5 and Equinix. Explore scalable solutions for secure data flows, uniform policies, and governance across dynamic cloud environments.
Nutanix and F5 expand successful partnership to Kubernetes
Nutanix and F5 have a shared vision of simplifying IT management. The two are joining forces for a Kubernetes service that is backed by F5 NGINX Plus.
AppViewX + F5: Automating and orchestrating app delivery
As an F5 ADSP Select partner, AppViewX works with F5 to deliver a centralized orchestration solution to manage app services across distributed environments.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.