F5’s Memory-Safe Roadmap
At F5, we believe a strong security posture starts by reducing risk before it reaches our customers. That means engineering products that are harder to exploit in the first place. This is reflected in our decision to join more than 150 companies in taking CISA’s Secure by Design pledge. The pledge formalizes a set of security outcomes customers should be able to expect from technology providers, including:
- increasing the adoption and success rate of security patch installation
- improving the evidence customers can use to investigate intrusions, and
- achieving a measurable reduction in the prevalence of one or more classes of vulnerabilities.
A memory-safe roadmap
A memory-safe roadmap means steadily shrinking the amount of high-risk, memory-unsafe code in our products and toolchains, while adding protections that prevent entire categories of defects from being introduced or going undetected. We view this as an evolutionary journey: combining immediate mitigations that reduce exploitability today with architectural shifts that reduce the probability of such vulnerabilities existing tomorrow.
Moving toward memory-safe engineering practices involves multiple parallel tracks:
- Prevention
Reducing introduction of memory safety bugs through safer abstractions, securing coding patterns, and—where appropriate—adopting memory-safe languages for new components or major rewrites. - Detection
Extending automated detection to earlier in the lifecycle using modern application security practices during development - Containing
Reducing the blast radius when defects occur through hardening, least privilege, and runtime protections. - Proving and measurement
Tracking vulnerability patterns and demonstrating a reduction in risk over time.
F5 will continue working with customers and the security community to improve product security, provide clear support, and help protect their environments. Our approach delivers steady risk reduction while ensuring reliable performance.
Employee