Updates bring deeper API insights, stronger security, and more seamless network connectivity to the F5 Application Delivery and Security Platform
F5 unveiled significant enhancements to the F5 Application Delivery and Security Platform (ADSP). The latest updates focus on strengthening API discovery capabilities, improving threat detection, and optimizing network connectivity, underscoring F5’s commitment to delivering unified visibility, security, and operational efficiencies across hybrid and multicloud environments.
Also Read: CIO Influence Interview with Duncan Greatwood, CEO at Xage Security
These updated capabilities are in the latest 7.0 release of F5 Distributed Cloud Services, marking a major update that strengthens visibility and offers greater control for protecting APIs. The release reflects F5’s continued innovation in Distributed Cloud Services and their growing importance in the F5 ADSP.
“APIs are everywhere, powering every connection across apps, users, and data,” said Kunal Anand, Chief Product Officer at F5. “With these new capabilities, we give organizations unified visibility and control over APIs—whether supported by F5 BIG-IP, F5 NGINX, or Distributed Cloud Services, or within air-gapped environments. We’re collapsing complexity, giving teams instant control over bot defense, cloud-native operations, and network connectivity, all in one platform. The result: enterprises can innovate faster, defend smarter, and scale anywhere, without compromise.”
Broader enhancements to the F5 ADSP include:
Expanded API discovery and visibility
Broader and more flexible API discovery options help customers visualize hidden endpoints, sensitive data flows, and inconsistent controls across BIG-IP, NGINX, additional proxies/gateways, and even within air-gapped environments—all without rearchitecting applications or altering traffic paths.
API discovery for BIG-IP, now generally available, enables out-of-band visibility across BIG-IP TMOS systems (v15.1+). API discovery for NGINX and additional proxies/gateways—including NGINX OSS, NGINX Plus, Kong, and Apigee—is available in early access, and allows customers to unify inventory and analysis across heterogeneous environments. For regulated industries and customers with strict data sovereignty requirements, local API discovery, also available now in early access, can be deployed as an air-gapped option that brings the same visibility without sending any data to the cloud.
Enhanced API testing and threat detection
On top of these new API discovery options, this release broadens the scope of API testing to address more vulnerabilities outlined in the OWASP API Top 10. It introduces new and enhanced detection capabilities across critical threat categories such as API1 – Broken Object Level Authorization (BOLA), API2 – Broken Authentication, API3 – Broken Object Property Level Authorization (BOPLA), and API5 – Broken Function Level Authorization. These advancements empower organizations to accurately identify threats earlier, maintain a strong security posture in complex API ecosystems, and proactively prevent attacks and exploits.
Strengthened F5 Distributed Cloud Bot Defense capabilities
Bot Defense now offers tighter integration with F5’s managed offerings, expanding self-service ability with native routing in the console to simplify onboarding. This integration streamlines the entire setup process, allowing organizations to easily onboard applications and services for bot protection without complex configurations or additional overhead. The native console routing ensures that security policies can be quickly applied where needed, reducing the time and expertise required to secure digital assets.
These updates give customers greater control of bot detection policies and the ability to modify and deploy rules as needed. Organizations can tailor bot defense strategies to meet their unique threat landscapes, enabling rapid response to emerging attack patterns or business requirements. This empowers customers to stay ahead of evolving automated threats, ensuring continuous protection while minimizing false positives and operational friction. Investigations have been enhanced with advanced filtering rules using regex operators along with new filter options such as ‘contains,’ ‘not contains,’ ‘starts with,’ and ‘ends with’ to improve threat analysis and speed up resolution.
Operational improvements for cloud-native environments
Customers can now take advantage of new operational enhancements, including a modernized service discovery framework for Kubernetes and Consul environments. This upgrade allows organizations to efficiently map discovered services to individual tenants and apply robust, native role-based access control (RBAC). By improving isolation across namespaces and simplifying secure access management, these capabilities are essential for enterprises aiming to scale their cloud-native workloads with confidence.
Advanced networking enhancements
F5 Distributed Cloud Network Connect now includes expanded routing intelligence and seamless ecosystem integration. With support for external connectors and BGP routing policies, Network Connect extends connectivity by automatically creating secure tunnels to SD-WAN routers and third-party networking devices. With BGP routing policies, enterprises now benefit from granular control over traffic flows using inbound and outbound route filtering and advanced customization options, while enhanced debug visibility accelerates troubleshooting and boosts operational assurance.
Catch more CIO Insights: The CIO’s Role In Data Democracy: Empowering Teams Without Losing Control
[To share your insights with us, please write to psen@itechseries.com ]
