Threats

We focus on applications because your adversaries focus on applications.

Applications have become the focal point of the Internet, the workhorses behind organizations of all types. Attackers have figured this out, and they target applications more than anything else (besides people). This research series ties together trends and data from a number of perspectives to give an overall picture of the application security threat landscape.

DDoS Attack Trends
2022 Application Protection Report
Top Risks March 16, 2022
DDoS Attack Trends
Distributed denial-of-service attacks soared in complexity and size during 2021. While the overall number of DDoS attacks declined marginally compared with 2020, the F5 Silverline team saw the largest attack in 2021 peak at nearly 1.4 Tbps, 5.5 times larger than the largest attack in 2020.
article 14 min. read
In Expectation of Exfiltration
2022 Application Protection Report
Ransomware February 15, 2022
In Expectation of Exfiltration
Attacker behaviors continue to evolve, sometimes in predictable ways, sometimes not. This 2022 report covers the ongoing growth of malware (including ransomware), a newfound emphasis on data exfiltration, the continuing dominance of formjacking attacks, and detailed recommendations for mitigating these vectors.
report 45 min. read
Sectors and Vectors
2021 Application Protection Report
Ransomware June 23, 2021
Sectors and Vectors
Our first supplemental piece to the 2021 Application Protection Report is a detailed examination of how attack chains vary by targeted industrial sector. This also provides some insight into how sectoral analyses compare with other kinds of security intelligence and how best to use them.
article 11 min. read
Of Ransom and Redemption
2021 Application Protection Report
Top Risks May 18, 2021
Of Ransom and Redemption
We dive ever deeper into the changing threat landscape, unpacking the evolution of formjacking to fit a wider target profile, as well as the evolution of ransomware from a niche attack to the latest default. We also analyze and visualize attack chains in greater detail using the ATT&CK framework.
report 60 min. read
Volume 3: Recent Cyberattacks
2020 Application Protection Report
Attack Campaign December 16, 2020
Volume 3: Recent Cyberattacks
To help defenders preempt web attacks, we did an analysis of more than one million recent cyberattacks and scans from Q3 2020. See which techniques and systems attackers are focusing on right now, so that you recognize them when they hit your logs!
article 14 min. read

APR Archives

2020 Application Protection Report

2020 Application Protection Report

Volume 2: API Authentication Incidents

The second volume of the 2020 Application Report explores how API authentication goes wrong, what happens when it does, and what you can do to make sure it doesn't.

September 01, 2020

2020 Application Protection Report

2020 Application Protection Report

Volume 1: APIs, Architecture, and Making Sense of the Moment

APIs have become critical for business online, but they are also leading to more security incidents, most of which should have been preventable.

July 31, 2020

2019 Application Protection Report

2019 Application Protection Report

The Virtue of Visibility

This is the full version of the 2019 Application Protection Report. It contains research and data from all of the 2019 volumes, updated with 2019 breach trends that paint a clearer picture of where application threats are heading.

May 11, 2020

2019 Application Protection Report

2019 Application Protection Report

Summary, 2nd Edition

This is the quick espresso-style rundown on the 2018 threat landscape. This summary boils down the trends in the application threats, as well as our recommendations for managing application risk as it evolves.

November 05, 2019

2019 Application Protection Report

2019 Application Protection Report

2019 APR Podcast Series

In this companion podcast, the 2019 F5 Labs Application Protection Report researchers examine whow both apps and threats are changing, and what security practitioners can do to stay ahead of these changes.

October 22, 2019

2019 Application Protection Report

2019 Application Protection Report

Volume 5: API Breaches and the Visibility Problem

API use has grown tremendously as applications grow more decentralized. Some large apps have hundreds of APIs, and mobile apps depend on them completely.

August 13, 2019

2019 Application Protection Report

2019 Application Protection Report

Volume 4: 2018 Access Attack Trends

The tactic that featured most prominently in U.S. data breaches in 2018 was access attacks, such as phishing or credential stuffing. We identified the changing patterns, and provided some tips on how to prevent them.

June 25, 2019

2019 Application Protection Report

2019 Application Protection Report

Volume 3: Web Injection Attacks Get Meaner

Even though injection has been around for a long time, new trends in web architecture made it particularly effective in 2018.

May 16, 2019

2019 Application Protection Report

2019 Application Protection Report

Volume 2: 2018 Breach Trends

We analyzed more than 700 U.S. data breach reports to discover that two tactics were responsible for most of the successes, and that there are patterns between business models and successful breach events.

April 08, 2019

2019 Application Protection Report

2019 Application Protection Report

Volume 1: PHP Reconnaissance

As we reviewed untargeted reconnaissance traffic for 2018, one pattern stuck out: it turned out that 37% of all honeypot traffic we caught came from just two North American IPs seeking old PHP vulnerabilities.

March 25, 2019

2019 Application Protection Report

2019 Application Protection Report

Introduction: Why Application Security

Find out why we care so much about application security, how applications have grown into the weird beasts that they are today, and how our work fits into the bigger picture of securing and running an application.

July 22, 2019

2018 Application Protection Report

2018 Application Protection Report

2018 APR Podcast Series

In this companion podcast, the researchers who created the F5 Labs Application Protection Report discuss their findings, and share the details and backstories that helped shape the final report.

July 16, 2019

2018 Application Protection Report

2018 Application Protection Report

The 2018 Application Protection Report

In this report, we demystify the complexities of apps, explore how and where they're attacked, and provide practical steps to take now to start winning the app protection battle.

July 25, 2018

See the Lifecycle of the 4 Major Attack Types:

Click through the animations below to understand how different attacks unfold.