
Mobilizing Forces to Help Organizations Protect Apps and Fight Cybercrime

F5
Published April 15, 2022

Threat Stack is now F5 Distributed Cloud App Infrastructure Protection (AIP). Start using Distributed Cloud AIP with your team today.

F5 Distributed Cloud WAAP’s comprehensive protection and observability combined with Threat Stack’s threat monitoring and intelligence makes for a compelling offering.

Imagine being behind the wheel, navigating your way through a large, unfamiliar city in the dark, trying to find someone’s house or a restaurant where you’re meeting co-workers. Doing so before the year 2000, when GPS navigation systems were not yet available, likely made this journey longer and more troublesome.

Today, with smartphone map apps, such a trek is much more doable. Even though the traffic is worse now, it’s easier to manage with real-time alerts about potential hazards such as accidents, congestion, and police blocking traffic. Traffic-mapping applications have changed the way many of us drive. How could we go back to the way it was before?

Navigating the 2022 cybersecurity landscape to safeguard your apps is no leisurely drive either. But it too has become much more feasible with the powerful application protection solutions available now – including a relatively new one that combines WAF (web application firewall) capabilities, DDoS mitigation, bot defense, and API security, and that will soon add a tool with more threat monitoring, telemetry collection, and intelligence capabilities.

This app protection offering is F5 Distributed Cloud Web App and API Protection, also known as F5 Distributed Cloud WAAP. A comprehensive Software as a Service (SaaS) suite, it melds previously disparate point products into an easily deployed solution that delivers robust security capabilities—and a simplified set of controls to manage those capabilities—to protect applications and APIs against a myriad of threats and fraud.

Distributed Cloud WAAP became available in February 2022. Future releases will incorporate Threat Stack’s high-efficacy intrusion detection for cloud-based workloads for increased observability and protection.

Bad actors, growing attack surfaces, missteps to exploit

There’s no question that cybersecurity today is much more complicated and twisted than the proverbial guardrails on the information superhighway. It is overrun with opportunistic criminals sophisticated and eager enough to covertly take down companies and industries. The malware they create continues to cause chaos and disruption, ranging from cryptominers parasitically hijacking idle processing power to ransomware threatening to destroy a company’s ability to do business, all so criminals can take the money and run.

Adding to the security challenges that IT teams face are the vulnerabilities exposed during their organizations’ own digital transformations (DT). As application architectures modernize, cloud adoption grows and workloads expand to the edge, adding application attack surface in new locations outside of traditional monitoring. This is compounded by the need for most companies to run legacy and modern apps simultaneously during their DT journey, inevitably resulting in connectivity and security gaps.

Surveys in F5’s 2022 State of Application Strategy Report, published in April, found that 88% of respondents currently operate both legacy and modern application architectures. Additionally, more than three-quarters of respondents (77%) say they run applications in multiple clouds, while 84% plan to make use of the edge. All this activity taxes resources and expands the overall risk landscape due to the proliferation of architectures, cloud services, platforms, and software supply chains – not to mention the potential for misconfigurations and missteps everywhere the deployment scenario is different.

In such a mixed environment, traditional WAF and distributed denial-of-service (DDoS) solutions are often inadequate to protect companies’ complex mix of apps and APIs from the increasing number of threats and evolving attacks. Organizations need security that is stronger, smarter, and easier to deploy for consistent protection against automated bot attacks and API-specific threats.

F5 Distributed Cloud WAAP is a multi-layered, network-based solution that delivers leading WAF capabilities combined with DDoS mitigation, API management, and bot protection. By combining all these proficiencies into an easily deployed SaaS offering, F5 delivers leading-edge security with straightforward unified monitoring and controls to protect applications and APIs against today’s wide range of threats.

The Distributed Cloud WAAP components include:

  • Web Application Firewall: Powerful Advanced WAF technology, combining both signature- and behavior-based detection for self-tuning protection of web applications.
  • API Security: Automatic discovery, mapping, policing, and anomaly detection to safeguard APIs from threat actors seeking to cause a data breach or services outage.
  • Bot Defense: Dynamic deflection of in-browser attacks, based on sophisticated differentiation between human behavior and malicious automation. It brings together unified telemetry, network intelligence, and AI/ML with human analysis to identify and defend against automated threats such as credential stuffing, account takeover, site scraping, and more.
  • DDoS Mitigation: Managed protection against volumetric attacks across layers 3–7, including network-level shielding, DoS signatures, service policies including rate limiting, IP reputation, and external scrubbing based on deep packet inspection.

Strengthening infrastructure layer observability

With the addition of Threat Stack, organizations are now better positioned to protect against targeted attacks at the infrastructure layer, such as Log4j, Dirty Pipe, and Spring4Shell. Threat Stack monitors all layers of the cloud-native infrastructure stack (the cloud management console, hosts, containers, and orchestration) for behaviors that indicate attackers have gained access to the infrastructure. It then provides the observability customers need to understand the attack and quickly remediate the threats to this layer.

Threat Stack also helps beef up defenses against the many security misconfigurations that create vulnerabilities bad actors could exploit. These include wide-open security groups, insecure Identity and Access Management (IAM) policies, users engaging in lateral privilege access and escalation, rotating access keys, and many more.

Combining these two offerings — F5 Distributed Cloud WAAP’s comprehensive protection and single-pane-of-glass observability, and Threat Stack’s extensive workload and infrastructure threat monitoring and intelligence — provides a complete solution for security-minded organizations to gain end-to-end protection and observability, become cyber-street smart, and navigate today’s more convoluted cybersecurity landscape.
