F5 Labs

Retail fraud, identity theft, account takeovers, stolen payment cards—it feels like digital fraud is everywhere. Understand it better to fight it more effectively.

A look at multi-cloud security strategies, including the emerging practices of omni-cloud, Functions as a Service, Containers as a Service, cloud security posture management, and data sovereignty.

A look at multi-cloud security strategies, including the emerging practices of omni-cloud, Functions as a Service, Containers as a Service, cloud security posture management, and data sovereignty.

Creating an encrypted HTTPS website depends on a lot more than simply throwing a digital certificate at it and hoping for the best. In fact, Transport Layer Security (TLS) and HTTPS misconfigurations are now so commonplace that in the 2021 OWASP Top 10, Cryptographic Failures now comes in second place.

Creating an encrypted HTTPS website depends on a lot more than simply throwing a digital certificate at it and hoping for the best. In fact, Transport Layer Security (TLS) and HTTPS misconfigurations are now so commonplace that in the 2021 OWASP Top 10, Cryptographic Failures now comes in second place....

DNS is better known, but some recent high-profile outages are a reminder that Border Gateway Protocol (BGP) failures can take sites down too.

DNS is better known, but some recent high-profile outages are a reminder that Border Gateway Protocol (BGP) failures can take sites down too.

Managing hardened systems without exposing them to unwanted attack vectors is difficult. Jump boxes are one way to do it—learn why and how.

Managing hardened systems without exposing them to unwanted attack vectors is difficult. Jump boxes are one way to do it—learn why and how.

South Africa’s cyberattack landscape saw targeting of Scryba, PHP, and CVE-2017-9841 web vulnerabilities.

South Africa’s cyberattack landscape saw targeting of Scryba, PHP, and CVE-2017-9841 web vulnerabilities.

A detailed look at an 840-Gbps DDoS attack on a financial services provider and a deeper dive into attacking nodes.

A detailed look at an 840-Gbps DDoS attack on a financial services provider and a deeper dive into attacking nodes.

Existing fraud tricks are finding new use in buy now, pay later payment systems.

Existing fraud tricks are finding new use in buy now, pay later payment systems.

Stopping ransomware takes work—F5 looks at the defense techniques of user account management, network segmentation, and data backup.

Stopping ransomware takes work—F5 looks at the defense techniques of user account management, network segmentation, and data backup.

The title of this report is not a typo. “The State of the State of Application Exploits in Security Incidents” is a meta-analysis of several prominent industry reports, each of which covers the state of application security.

The title of this report is not a typo. “The State of the State of Application Exploits in Security Incidents” is a meta-analysis of several prominent industry reports, each of which covers the state of application security.

Mutual Transport Layer Security (mTLS) allows two parties to authenticate each other during the initial connection of an SSL/TLS handshake.