MyForum Series

When an application enters production as a container, it arrives as a changeless artifact. The first few moments of its existence are spent communicating and learning through the platform API, DNS services, settings, and volumes. The question is, at what stage was the application most vulnerable and when was it compromised?

In this session you will learn more about emerging attack vectors targeted at applications deployed inside Kubernetes platforms, and how you can protect both the application and Kubernetes from being compromised. Discover how to:
• Monitor your Kubernetes platform for risky behaviours and signs of compromise
• Secure the API with Kubernetes Role-Based Access Control (RBAC)
• Protect the runtime with Kubernetes security policies
• Use ingress controllers to enhance data plane security
• Leverage network policies and service mesh to protect and restrict internal traffic

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

Web Application Firewalls (WAF) have grown to become business-critical to protect web applications. In a new Leadership Compass report, KuppingerCole, an independent analyst firm headquartered in Europe, analyses WAF products to help you find the solution that best meets your needs.

Today’s WAF solutions must provide more advanced capabilities to meet new and emerging IT requirements and protect against the evolving landscape of attacks. Beyond core capabilities, WAFs are now filling the gap with Web Application and API Protection (WAAP) capabilities.

In this interactive session, experts from KuppingerCole and F5 will examine the WAF market and elaborate on:
- The difference between WAF and WAAP and the specific capabilities needed in each
- Securing applications with WAF, API security, bot defence, and DDoS mitigation use cases
- Advanced capabilities for WAFs to protect against complex web attacks
- Deployment options such as on-premises, cloud, multi-cloud, and hybrid
- Protecting container-based platforms (e.g. Kubernetes) or microservices

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

While modern applications are getting more distributed and interconnected, API calls are now representing the majority of requests on the Internet. To manage, expose, and protect APIs involves several teams and requires different technologies.

API gateway and security solutions can be deployed either centrally or distributed, inside or outside a Kubernetes cluster, and managed in-house or consumed as a service.

However, using different deployment models within the same organisation complicates how APIs are managed and governed, and requires new skills if deployed as Kubernetes.

In this session, you will learn about:
- The API ecosystem and protocols used
- The differences between API management, gateway, and security
- Various API gateway and security architectures

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

With the API market growing and evolving fast, apps and APIs are increasingly under attack. Gartner predicts that by 2022, API abuses will be the attack vector most frequently resulting in data breaches for enterprise web applications.

With the shift to microservices, the centralised API gateway architecture is evolving towards a more distributed model with micro API gateways embedded within microservices environments.

In this session, you will learn how to:
- Publish, manage, and secure your APIs from the latest attack vectors
- Integrate your API gateway in your application lifecycle
- Introduce DevSecOps methodologies in your API projects

Modern applications are complex, consisting of multiple software elements that are developed and upgraded separately. Studies from Cloud Native Computing Foundation and others show that containers and container orchestration platforms are now the “new normal” for application development and scaling.

In this session, we will focus on security services that can be deployed and scaled in orchestration platforms like Kubernetes.

You will learn how you can:
- Protect your applications against app-layer attacks
- Easily deploy and operate app protection with an ingress controller inside your Kubernetes cluster
- Evolve and scale add-on services, protecting your applications at the pace of your traffic
- Provide additional services like DDoS protection to not only secure your applications, but also your clusters

By watching this podcast, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time.

Over 50% of web traffic today is generated by bots. As bad bots are involved in nearly every attack, it's critical to be able to identify bad bots and protect against them. But how can you distinguish between good bots, bad bots, and humans?

In this session, you will learn:
- What types of application attacks are commonly performed by bots
- How bots infect, propagate, and attack your applications
- Which technologies are available to distinguish between valid traffic and bad bots
- How you can defend against bad bots without disrupting the good ones
- How reducing bot traffic will reduce your total cost

In this session, you will learn how to leverage collected metrics and pre-defined alerts to visualise application condition through open-source tools such as Elasticsearch, Kibana, and Prometheus.

Using real-life use cases, we'll discuss how you can:

• Control every deployed application
• Visualise automatically deployed applications
• Enable your existing solutions to drive observability for your deployed applications
Reveal illegal or malicious behaviour towards your published services

Watch the other episodes of the series:

Ep 1: Modernising and Securing Your API Architecture

Ep 2: Multi-layer App Security in Kubernetes for DevSecOps

Ep 3: How Smarter Bot Mitigation with Machine Learning Can Reduce Business Risks and Costs

Ep 5: Top 5 Pitfalls to Avoid in Client-Side Security

Ep 6: Scaling Your App Delivery Infrastructure in Minutes not Days

By watching this webinar, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

As you secure your applications and protect them from security breaches and fraud events, you've likely turned to preventative and detective controls on the server side.

On the other hand, client-side threats such as malicious JavaScript, formjacking, data exfiltration, digital skimming, and Magecart make up a significant portion of attacks across all industries. Those attacks can lead to customer data theft, regulatory scrutiny, compromised user experience, lack of trust, stuck sales cycles, and revenue loss.

In this session, we'll explore the challenges involved in client-side security. We'll cover:

• The complexities and challenges involved in client-side security
• How enterprises can avoid common pitfalls when addressing client-side security
The benefits of looking at the client-side environment to mitigate risk

Watch the other episodes of the series:

Ep 1: Modernising and Securing Your API Architecture

Ep 2: Multi-layer App Security in Kubernetes for DevSecOps

Ep 3: How Smarter Bot Mitigation with Machine Learning Can Reduce Business Risks and Costs

Ep 4: Why You Need Observability Beyond Monitoring Apps

Ep 6: Scaling Your App Delivery Infrastructure in Minutes not Days

By watching this webinar, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

The fact that application attacks are on the rise is a growing concern for business leaders, as applications are the gateway to an organisation's most valuable assets – the data.

With the right web application firewall (WAF), you can block the relentless attacks that aim to take down your services and exfiltrate your data. Application and DevOps teams adopting agile methodologies are now building and deploying new apps at a speed that is difficult for security teams to keep up with.

In this session our experts will explain how you can reduce time-to-market for your new apps by:
• Harmonising your WAF deployment with your DevOps practices to reduce friction between application and security teams
• Integrating your WAF security policies into the developers’ CI/CD pipelines
• Adopting a security-as-code methodology by integrating security policies in a repository, such as Git

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

When an application enters production as a container, it arrives as a changeless artifact. The first few moments of its existence are spent communicating and learning through the platform API, DNS services, settings, and volumes. The question is, at what stage was the application most vulnerable and when was it compromised?

In this session you will learn more about emerging attack vectors targeted at applications deployed inside Kubernetes platforms, and how you can protect both the application and Kubernetes from being compromised. Discover how to:
• Monitor your Kubernetes platform for risky behaviours and signs of compromise
• Secure the API with Kubernetes Role-Based Access Control (RBAC)
• Protect the runtime with Kubernetes security policies
• Use ingress controllers to enhance data plane security
• Leverage network policies and service mesh to protect and restrict internal traffic

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

Join us for an exclusive myForum event where we explore and debate the most pressing cybersecurity concerns of 2022, and more importantly how organisations can fight back.

Today's cybercriminals vary wildly by motivation, sophistication, level of resources, and depth of specialisation. At the same time, applications are becoming increasingly distributed and decentralised, creating a whole new world of challenges and pain.

Cybersecurity is an infinite game where no organisation or vendor can ever claim outright victory. Staying in that game is only achievable with a long-term strategy, relentless persistence, and constant innovation.

Drawing on the latest research and insights, Bryan Glick (Editor in Chief, Computer Weekly) will be moderating a panel consisting of Lisa Forte (Cybersecurity Expert and Top 100 Women in Tech award winner), David Warburton (Threat Research Manager, F5 Labs), and Matthieu Dierick (Solutions Architect, F5).

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

AUDI, a leading manufacturer of premium cars, in recent years set out to reinvent the way they create, deploy, run, and optimise their applications. AUDI’s Kubernetes Competence Centre designed a cloud‑independent, OpenShift-based platform operating as a seamless application environment. However, the big challenge was how to secure everything.

In this session, we will look at people, processes, and tools and elaborate on how to successfully create a DevSecOps structure in large enterprises. We will provide strategic input for managers, platform owners, and developers on how to support tough business goals and overcome organisational silos through cultural change.

Our presenters from AUDI and F5 will also cover how to:
- Enforce a security-first strategy, encompassing application and container security, attack mitigation, and data protection
- Secure Kubernetes apps without compromising speed or agility
- Leverage a web application firewall solution to protect the application environment

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

Web Application Firewalls (WAF) have grown to become business-critical to protect web applications. In a new Leadership Compass report, KuppingerCole, an independent analyst firm headquartered in Europe, analyses WAF products to help you find the solution that best meets your needs.

Today’s WAF solutions must provide more advanced capabilities to meet new and emerging IT requirements and protect against the evolving landscape of attacks. Beyond core capabilities, WAFs are now filling the gap with Web Application and API Protection (WAAP) capabilities.

In this interactive session, experts from KuppingerCole and F5 will examine the WAF market and elaborate on:
- The difference between WAF and WAAP and the specific capabilities needed in each
- Securing applications with WAF, API security, bot defence, and DDoS mitigation use cases
- Advanced capabilities for WAFs to protect against complex web attacks
- Deployment options such as on-premises, cloud, multi-cloud, and hybrid
- Protecting container-based platforms (e.g. Kubernetes) or microservices

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

While modern applications are getting more distributed and interconnected, API calls are now representing the majority of requests on the Internet. To manage, expose, and protect APIs involves several teams and requires different technologies.

API gateway and security solutions can be deployed either centrally or distributed, inside or outside a Kubernetes cluster, and managed in-house or consumed as a service.

However, using different deployment models within the same organisation complicates how APIs are managed and governed, and requires new skills if deployed as Kubernetes.

In this session, you will learn about:
- The API ecosystem and protocols used
- The differences between API management, gateway, and security
- Various API gateway and security architectures

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time

Kubernetes has become the de facto platform standard for modern applications. While it provides tools and capabilities to control network and application security, there are many different ways to implement these.

Your security architecture should aim to provide the best possible protection for your applications, while staying aligned with your organisational structure. A flexible model based on shared responsibilities and cloud-native security solutions is key to a successful Kubernetes journey.

By attending this session, you will:

- Understand the main building blocks for application security in Kubernetes
- Gain insights into how NetOps, DevOps, and SecOps can cooperate
- Discover the shift-left approach to security and why it matters

By watching this lightboard session, your personal details will be shared with F5 and treated in accordance with the F5 Privacy Notice (https://www.f5.com/company/policies/privacy-notice). You also are signing up to be contacted about F5 products and services but you can unsubscribe at any time