F5 Labs

Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.

In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.

Security teams can fulfill the CISOs responsibilities and help business groups become more security-savvy by working through the due diligence and due care process together.

New Apache Struts campaign, Zealot, targets vulnerabilities in Windows, Linux, and the DotNetNuke CMS, then leverages leaked NSA exploits to move laterally through internal networks and mine Monero.

With billions of data records compromised, it’s time to reconsider whether passwords are our best means for authenticating users.

Strong security starts with understanding exactly what you need to protect and where it resides within your organization.

F5 Labs researched 433 breach cases spanning 12 years, 37 industries, and 27 countries to discover patterns in the initial attacks that lead to the breach.

Good security is highly dependent on hospital staff being well trained and having the discipline to follow security processes—manual and otherwise—to the letter.

F5 Labs' David Holmes writes for LinkedIn, discussing whether cryptocurrencies are a scam or a revolution.

How this cloud startup met its goals for security and availability right out of the gate by setting goals, doing a risk analysis, and examining tradeoffs.

In Part 3 of this blog series, we demonstrated modeling the threat landscape along with executive threat-modeling. In this blog, we discuss the importance of defining controls.

Seriously, how many colors are there? And how many of us share the same love of one of those limited choices?

Learn about the tricks attackers use to dupe unsuspecting users and how you can help protect them—and your organization.

CISOs who fail to prioritize security awareness training are putting their business and assets at serious risk.

Proposed legislation could change existing laws that bars victims of hacking attacks from striking back.

As the possibility of quantum computing draws nearer, changes to today’s TLS key exchange algorithms will be required.

How to selectively capture packets for further analysis and avoid buying a storage farm.

Email has become such an ordinary part of our daily lives that we can forget how vulnerable it is.

While Reaper might be considered an “object lesson” today, it should serve as a blistering warning that IoT security needs to be fixed now.

Assessing the State of Application Delivery depends on getting information from you about your applications!