Distributed Cloud WAAP evolves F5’s security as a service offering further for securing enterprise apps
The recent launch of F5 Distributed Cloud Web Application and API Protection (WAAP) brings to F5’s technology partner ecosystem a new security as a service (SECaaS) offering, which represents the latest evolution in application security.
This is according to a blog entry written by Frank Strobel, F5’s Senior Director, Security Alliances, who explains: “Distributed Cloud WAAP is a multi-layered solution that delivers industry-leading web application firewall (WAF) capabilities with DDOS mitigation, bot defence and API protection.
“By combining these previously disparate features into an easily deployed as a service solution, F5 delivers robust security capabilities, and a simplified set of controls to manage those capabilities, to protect applications and APIs against a myriad of threats and fraud. The F5 Distributed Cloud Platform enables customers to deploy, secure, and operate their applications in a cloud-native environment wherever needed - data centre, multi cloud, hybrid cloud, or enterprise edge.”
Stefan van de Giessen, Country Manager: SA and SADC at Exclusive Networks Africa, which distributes F5 solutions throughout sub-Saharan Africa, adds: “Application programming interfaces, or APIs, essentially mean a set of rules that dictate how two machines talk to each other. Some examples of API-based interactions include a cloud application communicating with a server, servers pinging each other, or applications interacting with an operating system.
“Having WAF capabilities combined with distributed denial of service (DDOS) mitigation, as well as bot defences, obviously is a tremendous boost for API protection.”
Strobel clarifies: “Our soon to be published 2022 State of Application Strategy Report found that 88% of respondents currently operate both legacy and modern application architectures. Additionally, more than three-quarters of respondents (77%) say they run applications in multiple clouds, while 84% plan to make use of the edge. All this activity brings many challenges, not least of which is the fact that the proliferation of architectures, cloud services and open source software acts to expand the overall risk landscape.
“App deployment has been massively transformed by automation, but app security too often still requires a high degree of manual effort. So, while digital transformation has focused on app modernisation and multicloud delivery, security tools are frequently deployed as difficult-to-integrate point solutions. And when neglected or improperly implemented, sub-par security enables attackers to exploit web application and API vulnerabilities and abuse business logic to steal personally identifiable information (PII), inflict degradation/downtime losses, commit account takeover (ATO) and fraud, and otherwise cause financial losses and reputational damage.
“…. Distributed Cloud WAAP brings industry-leading F5 technology into a holistic as a service offering that is purpose-built for modern, distributed apps and multicloud environments.”
“A report released earlier this year by cyber security company Surfshark, a VPN service company based in the British Virgin Isles that also offers data leak detection and a private search tool, revealed that South Africa sits in the top 10 when comparing countries with the most cyber crime globally," says Van de Giessen. “The survey showed that South Africa was unfortunately placed as having the sixth highest cyber crime statistics, and had also showed the sharpest rise in cyber crime recently when compared to any country in the world.
“These figures are also consistent with a report released at the end of 2021 by the International Criminal Police Organisation (INTERPOL). Here, to single out just two points regarding local statistics, the ‘African Cyberthreat Assessment Report 2021’ showed that South Africa was listed as the second-most targeted country in Africa for ransomware, after Egypt, and the most targeted country on the continent for business e-mail compromise (BEC) attempts. This underscores once again the need to protect the network to safeguard data and information, and keep businesses operating and able to resist cyber attacks,” he concludes.
For more information, contact Michelle Naidoo at (+27) 011 202 8400, Mnaidoo@exclusive-networks.co.za