You want Modern Auth … for an app or client that’s stuck in the 2010s
During lift and shift projects, the need to authenticate with more modern technology will arise. The goal of lift and shift is to minimize development efforts - this can present challenges to managing the time to market... F5 BIG-IP Access Policy Manager can be used to easily maintain existing mechanisms but enhance security with new, modern authentication like OAuth. See how this can be done using the HTTP Connector and BIG-IP APM.3.2KViews9likes3CommentsSecurity Operations Center - Helpers Behind the Scenes
We know that cybersecurity is more than products and tools, it's about the people behind the scenes helping to keep applications safe. To that end, DevCentral is excited to highlight people who work in security for Cybersecurity Awareness Month. Meet Edgar Ojeda from the F5 Security Operations Center (SOC). He shares his work with the SOC, how he got started in security and more in this interview. DevCentral: To start, tell us a little a little about yourself, what you do atF5and why it is important. My name is Edgar Ojeda, I have been working in network security for over 18 years. I have worked as a consultant assisting organizations, small, medium and large, with their security needs. I have provided assistance/guidance from basic security on their perimeter network, all the way to endpoint protection and even data loss prevention implementations. Currently I am a Sr. Security Support Engineer with the Security Operations Center (SOC). In my role I am an escalation point for the SOC analysts and mentor for new members. Additionally, I help customers understand our services and provide them with guidance and best practices to adopt our DDoS protection service. DevCentral: How did you get started working in cybersecurity? What’s one piece of advice you’d give someone who wants to do what you do? I started working in cybersecurity back when I was part of the IT Team at a previous company. I remember seeing some friends doing network security and talking about some of the threats they were dealing with, configuration challenges with the customers they were serving and that got my interest. Therefore, I started getting closer to them, asking questions about what they do, how and why. Then I’d begin mounting my own lab to try to replicate what they were working on so I could learn. Eventually, after demonstrating interest and capability I became part of the security team at the company and I started providing assistance to the customers. To someone that would like to become part of the cybersecurity field, I’d say stay curious. Ask friends, colleagues, forums about topics that are of their interest. But most importantly I believe is test, try to have a small lab in their own computer where they can perform basic tests, break configurations and learn how to recover from that. Also one thing that helped I’d suggest is listening to some podcasts or reading online about the cybersecurity are, it is broad so I’d suggest that they should start with a specific topic and then try broadening their curiosity towards other areas. DevCentral: Tell us a story about the most weirdest, scariest or funniest thing that’s happened while you’ve worked in security. I remember back in the day when I was helping a company obtain their PCI certification, they were a payment processing company. When I walked in and was starting to dimension the project, I realized that they really had no clue what they were doing. Basically they had a server farm where transactions were processed, but everything was being stored in the same server. In other words, they had their web interface, databases, internal processing units stored in the same group of servers, with no segmentation or anything. This, as many security professionals is a really bad practice, as the payment databases should not be exposed to the internet, especially not hosted on the same server that has the client interface for the transaction processing. Once I saw that, someone would say I nearly fainted - I knew that it’d take a long time to convince them that what they’re doing is wrong and they’d need more resources to be able to be certified. Therefore, after a long time planning and explaining what needed to be done, they agreed to listen to my recommendations. We segmented the network, separated the internet facing portion of their app from the database and the processing unit; each one was on a separate network and to access the DB it required VPN access and 2FA, along with other security protection. All in all, by the end of the project (mind you, it was 9+ months of hard work), they were PCI certified to continue processing payments. DevCentral: What’s your take on security certifications? If you have any, which ones have been most helpful in your field? If not, why not? I think security certifications are a good start for people to start gaining experience and exposure to the field. There are some certifications, in my opinion, that can be very helpful in opening doors. However, I believe that there are some certifications that are not really worth spending the time and money. I personally don’t have a current certification, I had a Digital Forensics one that expired, but I’m looking into getting the OSCP in the next year. That is an area that I’d like to explore more, even if it doesn’t open more doors, it is something for my own entertainment. DevCentral: What does Cybersecurity Awareness Month mean to you? How do you help protect your loved ones from threats online? Cybersecurity Awareness Month means that it is an opportunity to tell everyone not in this field about the importance of being safe online, similar to what we tell little kids when they go out on the street. We, the ones with more experience, should tell others about the risks and ways to protect themselves in the virtual world similar to what they’d do in the real world. I usually tell my loved ones that they need to not reuse their own passwords, they have to have a different one for each site the subscribe to, preferably use random passwords and use a password manager. Whenever possible always use two-factor authentication, even if it feels like an extra step and might feel cumbersome. My wife, for instance, tells me that I’m paranoid because of how I keep telling her she needs to change passwords every so often, she was reluctant to use a password manager until she finally caved in and now she’s happily generating random passwords and understands the importance of being safe online. I also tell my friends and family to watch what they post online, always make sure that nothing personal is being shared on their online pictures, check the mirrors around, avoid posting the house number or street name, always double check before posting for anything that they wouldn’t want the rest of the world to know.1.3KViews4likes1CommentF5 Threat Intelligence - Helpers Behind the Scenes
We know that cybersecurity is more than products and tools, it's about the people behind the scenes helping to keep applications safe. To that end, DevCentral is excited to highlight people who work in security for Cybersecurity Awareness Month. Maitreyee Palkar from the F5 Threat Intelligence team shares her work, how she got started in security, and more in this interview. DevCentral: To start, tell us a little a little about yourself, what you do at F5 and why it is important. I am part of the Threat Intelligence team within the Security orginization. Our team looks at worldwide events and cyber threat activity, searching for threats to the F5 enterprise and F5 customers. The work involves a lot of analysis and evaluation of any information we find. The team is also involved in digital forensics and conducts investigations when something goes wrong. DevCentral: How did you get started working in cybersecurity? What’s one piece of advice you’d give someone who wants to do what you do? I started my education as a Computer Engineer, and enjoyed it, but did not want to work in it full-time. It was at this time that I discovered the field of Security. It was perfect, allowing me to flex my analytical, engineering muscles while also allowing for my creative side in thinking outside the box. There are a lot of different aspects within the over-arching "Security" banner, that are not really obvious at first. For anyone who is interested in entering the field, there is certainly something here that you can love doing. DevCentral: Tell us a story about the most weirdest, scariest or funniest thing that’s happened while you’ve worked in security. In this past year, the team has done interesting work in assessing threats posed by the Russia-Ukraine war. Prior to the war, F5 had employees and offices in both Russia and Ukraine. Once the invasion started, the Threat Intelligence team was involved in regularly assessing the situation and providing recommendations for ensuring the security of the F5 enterprise. As the war continues, with international cyber threat activity occurring, the team continues to monitor and assess for any additional threats to F5 or our customers. DevCentral: What’s your take on security certifications? If you have any, which ones have been most helpful in your field? If not, why not? I do have multiple Security certifications. For me, having them means I can prove that I have the required knowledge, and it gives me a boost in confidence knowing I can do this or that new thing that I am trying. However, anyone that has extensive practical experience does not necessarily need a certification. They are more important in Digital Forensics since the training is important to prove if a case evolves into a bigger issue. What certifications someone should get depends on what they are working on and how much experience they have. DevCentral: What does Cybersecurity Awareness Month mean to you? How do you help protect your loved ones from threats online? Well, this is really more of an ongoing effort for me. I try to make sure my loved ones know to not click on suspicious looking links or provide information on suspicious calls or emails. I regularly remind them to make sure they keep their devices up to date and change their passwords, hopefully not reusing them. I also encourage minimal sharing of personal details on social media, especially when travelling I suggest the pictures can be uploaded upon return instead of right away. Check out more articles and videos for Cybersecurity Awareness Month here!1.6KViews1like0CommentsLeverage F5 BIG-IP APM and Azure AD Conditional Access Easy button
Integrating F5 BIG-IP APM’s Identity Aware Proxy (IAP) with Azure AD Conditional Access enables fine-grained, adaptable, zero trust access to any application, regardless of location and authentication method, with continuous monitoring and verification.2.2KViews1like2Comments