That's A Wrap From BlackHat 2022 - API Security, it's time to shine
We hit the road and we hit it HARD! Between the editing and interviews, it was hard to find a lot of time for sleep. This was a truly immersive experience, heading out there. Coming back to producing another show immediately, I've had some time to reflect on our trip to BlakHat USA 2020. There were some resounding themes, for sure.
Firstly, it is an API world. If you look at the summary article of BlackHat 2022 announcements I talked about on DevCentral Connects yesterday, you see a trend:
I am THRILLED to see the rest of the security industry finally taking an interest on the segment that we've led in terms of industry deployment numbers for 15 years. In 2007, TMOS 9.2.4 delivered an XML firewall to our customers - able to ingest a WSDL for schema baselines - that learned expected API usage over time like any other http delivered application. SOAP followed shortly, thereafter and, of course, REST shortly after that. This was just an evolution of WAF here at F5. Watching NGINX+ delivery of API gateways add on NGINX App Protect features with the F5 WAF engine showed me that we continue to value this level of API defense at every scale, as well.
When I saw Gartner and other vendors starting to call the segment 'WAAP,' it bothered me a bit, as we at f5 have always understood WAF to encompass APIs. I really hope that we can capitalize on our pedigree in this space to deliver our customers the most reliable and scalable API Security solutions there are.
Regarding the f5 booth, it's been a minute since I've been at a trade show for f5. The thing that stuck out the most for me was the lack of the term 'load balancing.' What I heard more of was 'API Security,' and 'Multi-Cloud Networking'. What struck me the most was that customers seemed to understand that multi-cloud was really our thing now, and I think that having partners like RedHat has helped us to be viewed as a software company, rather than a big iron vendor. This speaks volumes to our ongoing transformation and our ability to get that message out there. Kudos to our sales teams for really making that apparent.
Be sure to follow us all on the socials for content, in addition to YouTube:
DevCentral handles: https://www.linkedin.com/showcase/f5-devcentral/ | https://twitter.com/devcentral
Peter Silva: https://www.linkedin.com/in/psilvas/ | https://twitter.com/psilvas
Buu Lam: https://www.linkedin.com/in/buulam/ | https://twitter.com/buulam
Aubrey King: https://www.linkedin.com/in/aubreyking | https://twitter.com/aubreykingf5
Content summary:
BlackHat USA 2022 Playlist: https://www.youtube.com/playlist?list=PLyqga7AXMtPPL3Xw0qrWO3sZnsbL4amP5
- buulamAdmin
It's frightening to think of the proliferation of APIs right now. They're everywhere and they're not often understood by the developer (nor well documented) let alone netops and secops who are trying to discover and protect them.