Over the years, F5’s State of Application Strategy report has been a resource for organizations seeking to understand the technologies and trends driving application security and delivery. This year’s survey, our 10th annual, shows both the benefits organizations are experiencing as well as the struggles holding them back at the dawn of broad enterprise adoption of AI and during a time of rapid digital evolution.
While the report is packed with important findings, and I encourage you to read it in its entirety, three trends that stood out to me as especially important: the exploding use of APIs and the security threats there-in; the challenges of hybrid, multicloud operations; and the necessary role of automation and AI in reducing toil for IT operators.
1. APIs are on the rise, and they require new security measures.
I’ve talked before about how we’re now in the era of app capital. It’s now clear we've also entered the era of ubiquitous AI. And one result of both is that APIs are proliferating. As more organizations modernize their apps, APIs have become central to how companies create value for themselves, their partners, and their customers.
Our research shows the average number of APIs organizations are managing is growing rapidly. Indeed, 41% of organizations now manage at least as many APIs as apps—and we expect these numbers will only increase as companies incorporate AI into their businesses.
While APIs have become as critical to businesses as apps themselves, the downside is that they’re more difficult to monitor, protect, and manage. API security is of particular concern, and our research shows organizations are starting to take the steps needed to manage this growing challenge. Indeed, 95% of survey respondents report using an API gateway, compared to just 35% in 2019. Likewise, 43% are automating app and API security, compared to just 25% for app delivery.
As more companies adopt AI and machine learning models in the coming years, API security will only become more critical. We expect more companies to implement the comprehensive measures required to protect these business-critical assets, including continuous monitoring, code scanning, API testing analysis, API discovery through traffic analysis, threat surface mapping, and enforcement.
2. Companies are choosing to manage multicloud complexity—not eliminate it.
Through our research over the years, it’s become clear that organizations want to deploy each app on a case-by-case basis where it makes the most sense for their business—whether that’s in an on-premises data center, in multiple clouds, or at the edge.
And as organizations deploy AI models and services, the same phenomenon holds true—solidifying distributed, hybrid, and multicloud environments as the norm. In fact, this year’s research shows that 88% of organizations now operate in hybrid environments spanning on-premises and cloud, while 38% have apps deployed in six different environments.
The number of app environments organizations are using continues to trend upward.
Distributed environments are here to stay, despite the great deal of operational complexity, cost and risk they bring. So much so, that at F5 we’ve named this new reality for enterprise IT the “ball of fire.” The ball of fire is the tangled realityin most enterprises today and it’s not going away. In fact, current trends suggest it’s only going to get more complex as enterprises continue to adopt microservice-based application architectures and AI.
Today’s organizations operate in hybrid, multicloud environments—and the complexity continues to grow.
Given this reality, there’s intense interest in technologies that promise to tame hybrid multicloud complexity. As a result, it’s no surprise that multicloud networking was cited the no. 3 most exciting trend by our survey respondents for the second year in a row. As companies look for ways to simplify the management of their distributed environments, multicloud networking offers a way to unify, secure and obtain visibility across these networks.
3. Organizations are turning to automation to reduce complexity, and they’re counting on AI to help.
As organizations get deeper into their digital transformations, they are increasingly automating their IT functions. Our survey results show that 52% of organizations have automated their app infrastructures, while 43% have automated app security. On the other hand, app delivery was the least automated IT function, with just 25% of respondents automating this function—both because of budget limitations and the complexity involved.
How organizations responded when asked, “What use of generative AI is the most valuable to you with respect to security?”
While operational complexity presents a barrier to automation, organizations are counting on generative AI to help, rating it the no. 1 most exciting trend of the year. Security is the top use case for generative AI, with 35% of respondents interested in using generative AI to automate policies and configuration tasks too complex to manage manually, and 29% wanting to use it to improve their ability to detect and neutralize threats.
Solutions are emerging to tame hybrid multicloud complexity
New solutions such as API Security, multicloud networking, and automation and AI are emerging to tame this hybrid, multicloud complexity—and the most successful digital businesses will be the ones that move rapidly to adopt them.
To learn more, read the full 2024 State of Application Strategy Report.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...