F5 has announced the launch of F5 Distributed Cloud App Infrastructure Protection (AIP), a cloud workload protection solution that expands application observability and protection to cloud-native infrastructures. 

Powered by technology acquired with Threat Stack, AIP is the newest addition to the F5 Distributed Cloud Services portfolio of cloud-native SaaS-based application security and delivery services.

Organisations in Australia and New Zealand of all sizes across industries are in the midst of efforts to simplify, secure, and innovate application-driven digital experiences. 

However, many face the challenge of managing distributed and hybrid application infrastructures composed of workloads across on-premises, public cloud, and edge locations. It creates tremendous complexity and increases the security threat surface. As a result, customers are forced to deploy inconsistent security controls and need more visibility, particularly for cloud-native deployments.

Attacks exploiting Log4j and Spring4Shell can evade signature-based detection defence mechanisms and target vulnerabilities and misconfigurations within application infrastructure. 

Distributed Cloud AIP brings deep telemetry collection and high-efficacy intrusion detection for cloud-native workloads and - when combined with the in-line application and API security from F5 Distributed Cloud WAAP - delivers a defence-in-depth approach to security threats that span across applications, APIs, and the cloud-native infrastructures where they run.

“Organisations are managing a dauntingly complex mix of hybrid and multi-cloud application architectures that can slow the pace of digital innovation and create subsequent security risks,” says Kara Sprague, Executive Vice President and Chief Product Officer F5. 

“The addition of AIP fills a critical need for customers as they look for ways to extend robust security controls to multiple cloud infrastructures where they run their modern applications.”

Many organisations are now deploying microservices-based applications on cloud-native infrastructure and connecting them through APIs. This approach to application development can radically increase the pace of innovation while lowering the total cost of ownership. 

However, vulnerabilities and misconfigurations at the infrastructure level leave these applications open to attack from internal and external bad actors. These intruders leverage vulnerabilities in cloud services or stolen keys to get access to cloud-native resources, where they can move freely throughout the infrastructure, inject malware, run cryptominers, or access sensitive data.

F5 Distributed Cloud App Infrastructure Protection addresses these challenges through various features, including a combination of rules and machine learning to detect threats in real-time across the entire infrastructure stack: cloud provider APIs, virtual machine instances, containers, and Kubernetes. In addition, with behavioural-based detection, AIP can identify insider threats, external threats, and data loss risks for modern applications.

The AIP detects and alerts anomalous behaviour impacting workloads to inform operations teams of potentially malicious activity that may require further action to block or remediate.

The AIP complements existing signature and behavioural-based threat detection capabilities with actionable insights from advanced telemetry and detection of post-exploit activity at the app and cloud infrastructure level.

F5 Distributed Cloud AIP managed security services have an “always-on” security operations centre team that detects, triages, and investigates threats and provides remediation recommendations on behalf of customers.

Finally, AIP Insights, provides custom platform analytics and ongoing coaching from F5's cloud security experts to help customers build a more robust cloud SecOps strategy and better achieve their goals.