Technical Articles
F5 SMEs share good practice.
6038 PostsActivity in Articles
DevCentral Visits: AWS re:invent 2023
Buu Lam is down in Las Vegas this week for AWS re:invent! Keep up with his adventures in this thread and make sure to subscribe to the DevCentral Youtube channel to get the latest updates. Go give Buu Lam a follow on LinkedIn while you're at it!
WinRAR, human curiosity and VM escapes - Nov 13th - 19th, 2023 - F5 SIRT - This Week in Security
This Week in SecurityNovember 13th - 19th, 2023WinRAR, human curiosity and new CPU-based virtualization escape vulnerabilities Editor's introduction Aaron here as your editor this week for a round-up of notable security news that caught my eye. Ke...
The Case of the Missing F5 AMI : F5 BIG-IP AMI Lifecycle Events
Today, many F5 customers use AWS, and use the AWS Marketplace to procure F5 BIG-IP software. Customers that follow this route receive multiple benefits, such as a simplified procurement process and the ability to use their Enterprise Discount Program...
F5 Distributed Cloud Origin Server Subset Rules
Introduction: F5 Distributed Cloud (XC) Origin server subset rules provide the ability to create match conditions on incoming source traffic to the HTTP load balancer. The match conditions include Country, ASN, Regional edge (RE), IP address, and cli...
Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire
Introduction The Secure Sockets Layer (SSL) protocol and its successor, Transport Layer Security (TLS), are being widely adopted by organizations to secure IP communications. While SSL/TLS provides data privacy and secure communications, it also cre...
F5 Academy at AppWorld 2024
We're getting more excited about content at AppWorld 2024 (Feb 6-8 in San Jose, California)! F5 Academy will host dozens of expert-led technical lab sessions on BIG-IP, Distributed Cloud Services, NGINX, and more. You'll be able to follow one of t...
How to make DNS resolutions in an HTTP request event work FOR you, not against you
I got a message from a colleague about an interesting challenge a couple of weeks ago. The challenge was two-fold with the customer iRule that was in place: The rule used the RESOLV::lookup command, which works but has been deprecated since version ...
DDoS attacks, CVSS 4.0 and Malware - Nov 6th to Nov 12th, 2023 F5 SIRT This Week in Security
Jordan here as your editor this week for a round-up of notable security news that caught my eye. Keeping up to date with new technologies, techniques and information is an important part of our role in the F5 SIRT. The problem with security news is ...
OWASP Tactical Access Defense Series: Broken Object Level Authorization and BIG-IP APM
Addressing Broken Object Level Authorization (BOLA) vulnerabilities requires a multifaceted approach, combining robust coding practices, secure development methodologies, and powerful tools. Among these tools, F5 BIG-IP Access Policy Manager (APM) st...
Mitigating OWASP API Security Top 10 risks using F5 NGINX App Protect
This 2019 API Security article covers the summary of OWASP API Security Top 10 – 2019 categories and newly published 2023 API security article covered introductory part of newest edition of OWASP API Security Top 10 risks – 2023. We will deep-dive i...
Decoding the IPv4 address from the persistence cookie
I was working with a colleague on how best to manage connections to multiple sites when DNS persistence is lacking. That article will come, but as we discussed solutions, digging into the persistence cookie that the BIG-IP inserts led to some fun wi...
LockBit, Pwc2Own, AI, "Othello is solved" Oct30th to Nov5th, 2023 F5 SIRT This Week in Security
Editor's introduction This week in security editor is Koichi. One of the popular board game, Othello, has been solved. Needs explanation what "solved" means. So I chose topics of LockBit Ransomeware, hacking contest Pwc2Own, An executive order f...
AppWorld 2024 Call For Speakers open
F5 is looking for technical experts who are interested in presenting at the F5 AppWorld 2024 conference in San Jose, CA February 6-8, 2024. Sessions will be 30 to 50 minutes long, and you can visit the Call for Speakers page to learn more about the ...
DevCentral Visits: KubeCon NA 2023
Myself and @AubreyKingF5 are hitting the road together and getting our Cloud-Native on as we visit KubeCon NA 2023 in Chicago! The Cloud-Native Community is one of the most lively ones out there and we have a lot of people to visit. Keep an eye on t...
DevCentral Visits SecTor 2023
@buulam made his debut at SecTor 2023 in Toronto this year and @Rebecca_Moloney tagged along to learn a thing or two! Here are some highlights from the trip. Make sure to subscribe to the DevCentral Youtube channel, and follow DevCentral and Buu Lam...
Distributed caching of authentication requests with NGINX Ingress Controller
Summary Building on a previous article and use case, this article discusses the three more advanced features of F5 NGINX Ingress Controller: How to perform caching of authentication subrequest responses,How to use the key-value store to sync cached ...
DevCentral Visits GovWare 2023
@buulam returned to GovWare in Singapore this year! Here are some highlights from his trip and the conversations from this essential IT security event. Make sure to subscribe to the DevCentral Youtube channel, and follow DevCentral and Buu Lam to ge...
Control plane RCE are everywhere and CI/CD compromised Oct 23th–29th – F5SIRT This Week in Security
Introduction: This week in security editor is Lior. This week security news highlights are that RCE’s are everywhere, and they are located at the control plane (configuration utility GUI/API) that are open to the public internet. RCE – is a Rem...
F5 BIG-IP deployment with OpenShift - publishing application options
Introduction This is a follow-up article to F5 BIG-IP deployment with OpenShift - platform and networking options where the multiple deployment options are shown. It is highly recommended to read that article first. Publishing applications through...
F5 BIG-IP deployment with OpenShift - platform and networking options
Introduction This article is an architectural overview on how F5 BIG-IP can be used with Red Hat OpenShift. Several topics are covered, including: 1-tier or 2-tier arrangements, where the BIG-IP load balance workload PODs directly or load balance ing...
AppWorld 2024 Registration Now Live!
F5 is happy to give early notification to DevCentral users that Registration is now open for AppWorld 2024! AppWorld 2024, F5's premier application and API security conference, will be held February 6-8, 2024, at the San Jose McEnery Convention Cent...
How to Secure GraphQL APIs using F5 NGINX
The widespread acceptance of GraphQL among developers today is a testament to its remarkable ability to streamline data retrieval from multiple sources. By facilitating an efficient data access and aggregation process, GraphQL enables developers to...
OWASP Tactical Access Defense Series: How BIG-IP APM Strengthens Defenses Against OWASP Top 10
In an era where cyber threats loom large, safeguarding digital assets has become paramount. Among the vanguard of defenders stands the F5 BIG-IP Access Policy Manager (APM), a stalwart guardian against the notorious OWASP Top 10 vulnerabilities. In t...
Google Play Protect, Signal 0-day, APT Trends Report-Oct 15-21, 2023-F5 SIRT-This Week in Security
Editor's introduction Hello Everyone, this week your editor is Dharminder. I am back again with another edition of This Week in Security, This week I have security news about Google Play Protect Real-Time Code level scanning for Android Malware, R...
GITEX Global 2023 in Dubai - DevCentral Visits
@buulam is fresh from GITEX Global in Dubai! Here are some highlights from his trip and the connections he made at this massive IT conference. Make sure to subscribe to the DevCentral Youtube channel, and follow DevCentral and Buu Lam to get the lat...
Reviewing vulnerability scanner results for an APM protected Virtual Server - part two
This article is part two of the article series "Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server" from your F5 SIRT. Here is part one: https://community.f5.com/t5/technical-articles/reviewing-vulner...
Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server
Introduction from your F5 Security Incident Response Team (F5 SIRT) Hello there! I'm Arvin, Sr. Security Engineer with the F5 Security Incident Response Team (F5 SIRT), sharing security knowledge in this article, and hopefully you will find this us...
Patch Tuesday, cURL, passkey - October 8th - 14th, 2023 - F5 SIRT - This Week in Security
Introduction: I am back as the editor this week after a long break. Last week, the world witnessed a horrific terror attack by Hamas on Israel. As a human being who values peace, I condem this horrific violence and stand with the nation of Israel an...
Support of WAF Signature Staging in F5 Distributed Cloud (XC)
Introduction: Attack signatures are the rules and patterns which identifies attacks against your web application. When the Load balancer in the F5 Distributed Cloud (XC) console receives a client request, it compares the request to the attack signat...
F5 QSN, Cybersecurity Awareness Month - October 1st-7th, 2023 - F5 SIRT - This Week in Security
Editor's introduction Hello there! Arvin is your editor for this edition of This Week In Security, covering 1st to 7th of October 2023. While last in the list of news, October is Cybersecurity Awareness Month. Our colleagues in F5 Distributed Cl...
