As digital transformation has become a requirement among corporations globally, cloud adoption has been accelerated by the need to deliver more applications to market in less time, while optimizing expenditure. This, in turn, has led to an increased need for application developers over recent years, with that trend set to continue into the foreseeable future. In fact, it is estimated that the number of software developers worldwide currently stands at 23 million, with that number projected to soar to 27.7 million over the next five years.
Combining the growing number of developers within IT organizations with the architectural freedom and agility of the public cloud has, in many cases, led to more and more siloed deployments across application teams. This often causes huge challenges for security teams, as individual teams begin adopting readily available cloud-native security offerings (such as AWS GuardDuty or AWS WAF) while others might leverage products from traditional security vendors like F5’s Advanced WAF. And when you consider that the average enterprise already uses 75 security products to secure their network and applications, the result is the continued expansion of a diverse security portfolio. This makes obtaining a holistic view of a company’s security and compliance posture even more challenging.
For security teams who find themselves in this position, the recent preview release of the AWS Security Hub might just be the answer. Offering a comprehensive view of high-priority security alerts across various AWS-native, and AWS Marketplace third-party partner security solutions, AWS Security Hub is able to provide visibility into key findings of numerous disparate security solutions—all from a single pane of glass. And at a time when security teams are often overwhelmed by diverse concoctions of alerts from differing sources, the need to distill these down to just the most critical of threats to improve efficiency has never been more vital. In other words: more signal, less noise.
As a launch partner of this new service, F5 recognized the need for its customers to simplify and consolidate security proceedings beyond that of just its own product portfolio. As such, F5’s industry-leading Web Application Firewall solutions (Advanced WAF and BIG-IP ASM) can now be integrated with AWS Security Hub, allowing predefined alert information from blocked traffic (such as attack type, source, etc.) to be escalated to this central console for further review, alongside inputs from other security products. Additionally, with automated compliance checks AWS Security Hub can assess F5 WAF configurations to ensure compliance with industry requirements specified by users. Shown in Figure 1 below is a sample architecture showcasing F5’s integration with AWS Security Hub, and in Figure 2, you’ll see an example of how alerts received from F5 WAF appliances are highlighted within the AWS Security Hub console.
For more information about F5’s Web Application Firewall solutions or any of its other application delivery services on AWS, please visit us at F5.com or in the AWS Marketplace. Alternatively, if you happen to be attending AWS re:Invent this week, feel free to stop by our booth (#1640) and discuss the matter with our experts.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...