F5 outlines vision for application security at AppWorld 2025
'Modern enterprises face significant challenges when managing the intricate hybrid, multicloud IT landscape where countless applications and APIs are spread across diverse environments. As AI-powered applications become a fundamental part of these distributed systems, complexity is only set to grow', said Mohammed AbuKhater, RVP for the Middle East, Türkiye and Africa at F5, speaking at the event.
According to F5's newly released 2025 State of Application Strategy Report, 96% of organisations are now deploying AI models, which is up from 25% in 2023.
However, for organisations currently deploying AI models, the number one concern is AI model security. And, while AI tools are more autonomous than ever, operational readiness gaps still exist. 60% of organisations feel bogged down by manual workflows, and 54% claim skill shortages are barriers to AI development.
Central to the AppWorld agenda was how the recently announced F5 Application Delivery and Security Platform (F5 ADSP) can help organisations adapt to hybrid, multicloud complexities and meet the demands of modern and AI-powered applications.
F5 Strengthens Security Capabilities in the F5 Application Delivery and Security Platform
F5 ADSP is the industry's first ADC solution that fully converges high-performance load balancing and traffic management with advanced app and API security capabilities into a single platform.
The product of years of investment and innovation, the platform is API-driven and enables consistent policies for every app, in every environment, across all form factors. It can operate seamlessly across high-performance hardware in on-premises data centres, next-generation software in virtualised and hybrid environments, and SaaS for cloud-native environments.
The platform's capabilities were further bolstered at today's AppWorld event, with F5 highlighting a series of broad cybersecurity enhancements, including:
Cloud-Native Protection with F5 NGINXaaS for Azure with NGINX App Protect: NGINX App Protect as an add-on to NGINXaaS (NGINX as a Service) and is now available for Azure deployments. NGINX App Protect is a modern application security solution designed to provide robust protection against an array of threats, including sophisticated attacks, data breaches, and other malicious activities. By integrating NGINX App Protect with NGINXaaS, customers have access to advanced threat protection against modern threats such as the OWASP Top Ten vulnerabilities and zero-day attacks, real-time traffic inspection, and automated security policy management.
NGINX App Protect as an add-on to NGINXaaS (NGINX as a Service) and is now available for Azure deployments. NGINX App Protect is a modern application security solution designed to provide robust protection against an array of threats, including sophisticated attacks, data breaches, and other malicious activities. By integrating NGINX App Protect with NGINXaaS, customers have access to advanced threat protection against modern threats such as the OWASP Top Ten vulnerabilities and zero-day attacks, real-time traffic inspection, and automated security policy management. Scan LLMs for Vulnerabilities: The F5 ADSP now features web app scanning functionality that has been purpose-built to scan for, identify, and assess security vulnerabilities in large language model (LLM) deployments. This new functionality enables organisations to scan LLMs and run penetration testing to uncover LLM-specific vulnerabilities that map to the OWASP Top Ten for LLM Applications.
The F5 ADSP now features web app scanning functionality that has been purpose-built to scan for, identify, and assess security vulnerabilities in large language model (LLM) deployments. This new functionality enables organisations to scan LLMs and run penetration testing to uncover LLM-specific vulnerabilities that map to the OWASP Top Ten for LLM Applications. Expanded API Discovery Tools: F5 has expanded its powerful API discovery tools for use across the ADSP platform to include all F5 BIG-IP deployments, enabling organisations to get full API visibility for applications that utilise BIG-IP. This allows organisations to easily identify exposed APIs for applications in production, without having to migrate them to the F5 Distributed Cloud Console .
F5 has expanded its powerful API discovery tools for use across the ADSP platform to include all deployments, enabling organisations to get full API visibility for applications that utilise BIG-IP. This allows organisations to easily identify exposed APIs for applications in production, without having to migrate them to the . Enhanced Client-Side Defence Capabilities for Greater Compliance: As threat actors search for new attack vectors, client-side browser-based attacks are becoming increasingly prevalent. The latest revision of the Payment Card Industry Data Security Standard (PCI DSS) v4.0 now requires businesses to have client-side protections deployed to mitigate the risks associated with data exfiltration and malicious JavaScript attacks. F5's enhanced client-side defence capabilities bolster defence postures by delivering greater visibility into malicious scripts and the actions that they are taking—identifying risky scripts and where they send data.
Image Credit: F5
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Channel Post MEA
7 days ago
- Channel Post MEA
Most Enterprises Fall Short In AI Readiness: F5
F5 has unveiled its 2025 State of AI Application Strategy Report, revealing that only 2% of global organizations are highly ready to scale AI securely across operations. The report compiles insights from 650 global IT leaders and additional research with 150 AI strategists, representing organizations with at least $200 million in annual revenue. The report unveils stark truths about the state of AI readiness for enterprises today and their ability to adapt at sufficient speeds to keep pace with new innovations. The most notable findings of the report reveal that while 77% of companies demonstrate moderate AI readiness, most lack robust governance and cross-cloud security, exposing them to risks. Meanwhile, 21% of companies fall into the low-readiness category, limiting their competitive edge as AI transforms industries. F5's research reveals trends illustrating the rapid expansion of AI use by today's enterprises. All told, 70% of moderately ready organizations have generative AI in active use, and virtually everyone else is working on it. Additionally, 25% of apps, on average, use AI. Highly ready organizations typically use AI in a much higher percentage, with portfolio-wide saturation expected. Low-readiness organizations use AI in less than one-quarter of their apps, typically in siloed or experimental settings. Moderately ready organizations currently have AI present in about one-third of applications. The report provides a snapshot of the latest trends in enterprises grappling with embracing AI. Nearly two-thirds of survey respondents (65%) use two or more paid models and at least one open-source model. The average organization uses three models, and the use of multiple models correlates with deployment in more than one environment or location. The majority of models in use today are paid models such as GPT-4, but open-source alternatives are also popular. The top open-source models cited are Meta's Llama variants, Mistral AI variants, and Google's Gemma. 'As AI becomes core to business strategy, readiness requires more than experimentation—it demands security, scalability, and alignment,' said John Maddison, Chief Product and Corporate Marketing Officer at F5. 'This report highlights actionable steps for organizations to operationalize AI with confidence. AI is already transforming security operations, but without mature governance and purpose-built protections, enterprises risk amplifying threats.' Cybersecurity Challenges in AI Adoption The report highlights critical cybersecurity issues as organizations scale AI capabilities, revealing concerning trends about enterprises' ability to tackle the complexity of securing AI workloads. Key cybersecurity trends identified in the report include: Organizations see AI as a viable cybersecurity asset: 71% of all respondents already use AI to augment security. 71% of all respondents already use AI to augment security. AI-specific protections are lacking: Only 18% of moderately ready organizations have deployed an AI firewall, with 47% aiming to have done so within a year. Only 18% of moderately ready organizations have deployed an AI firewall, with 47% aiming to have done so within a year. Data governance weaknesses: Just 24% of organizations practice continuous data labeling, indicating reduced transparency and increased risks of adversarial attacks. Just 24% of organizations practice continuous data labeling, indicating reduced transparency and increased risks of adversarial attacks. Cross-cloud inconsistencies: Hybrid environments create governance gaps, leaving workflows and data exposed to vulnerabilities. Hybrid environments create governance gaps, leaving workflows and data exposed to vulnerabilities. Expanded attack surface: The use of diverse AI models exacerbates risks without proper control frameworks for open-source tools. Recommendations to Improve AI Readiness The report introduces the AI Readiness Index, a framework measuring six factors of operational maturity, including security and infrastructure alignment. F5 outlines key actions for enterprises to enhance AI scalability and security, including: Diversify AI models: Use both paid and open-source AI tools while improving governance to mitigate risks. Expand AI use across workflows: Move beyond pilots and embed AI in operations, analytics, and security for enterprise-wide transformation. Integrate AI-specific security: Deploy protections like AI firewalls and formalize data governance processes, including data labeling, to safeguard workflows. Organizations with high AI readiness can scale effectively, mitigate risks, and leverage innovation strategically. Those without maturity frameworks face operational bottlenecks, compliance challenges, and stifled growth. The AI Readiness Index serves as a roadmap for enterprises to benchmark progress and implement actionable changes for secure scalability. Download the 2025 State of AI Application Strategy Report to benchmark your readiness, identify gaps, and accelerate secure AI scaling. 'The research in the State of AI Application Strategy Report aligns with what we're observing across the Middle East, where many organisations are increasingly integrating AI into their operations, often without all the necessary levels of governance or safeguards in place,' said Mohammed Abukhater, RVP for the Middle East, Türkiye, and Africa at F5. 'While most companies demonstrate moderate AI readiness, they still need to ensure robust governance and comprehensive cross-cloud security to avoid exposure to significant risks. In line with the report's AI Readiness Index, we are committed to empowering our customers to embed AI in their operations for seamless application delivery and security.'
Tahawul Tech
17-07-2025
- Tahawul Tech
F5 researches the efficacy of enterprise AI
F5, an application security vendor, recently conducted research into enterprise adoption of Artificial Intelligence (AI). They discovered that while enterprises are adopting AI, they face significant challenges in security, governance and scalability, with only 2 per cent considered highly ready. In its 2025 State of AI Application Strategy Report, F5 revealed 25 per cent of applications typically use AI, but many organisations lack the robust frameworks needed to scale it securely across operations. F5 stated highly AI-ready organisations integrate the technology extensively across their app portfolios. In contrast, low-readiness companies use AI in less than a quarter of their apps, typically in siloed or experimental settings. Moderately ready companies use AI in about 33 per cent of applications, with 70 per cent actively using generative models. On average, 25 per cent of apps use AI. F5 stated 71 per cent of organisations use AI to boost security, but only 31 per cent have deployed specific protections including firewalls. Data governance remains weak, with just 24 per cent practising continuous data labelling, increasing vulnerability to attacks. F5 noted hybrid cloud environments further complicate governance and expose workflows to added risks. Most enterprises employ multiple AI models, averaging three per organisation and combining paid models including GPT-4 with open-source alternatives including Meta Platforms' Llama, Mistral AI variants and Google's Gemma. F5 gathered insights from 650 global IT leaders and additional research with 150 AI strategists, representing organisations with at least $200 million in annual revenue. Source: Mobile World Live Image Credit: Stock Image
Arabian Post
07-07-2025
- Arabian Post
CareSuper Opts for Major Azure Cloud Shift
Australian super fund CareSuper has chosen Macquarie Cloud Services to migrate its entire VMware Cloud on AWS infrastructure—including hundreds of applications and petabytes of member data—to Microsoft Azure. The fund, which manages over AUD 57 billion for more than 573,000 members, has engaged Macquarie to modernise its databases, implement platform‑as‑a‑service solutions and consolidate workloads into a new Azure landing zone. This high‑stakes move follows a wave of 'repatriation from AWS' driven by increasing costs and architectural constraints. Macquarie's head of Azure, Naran McClung, describes the strategy as more than simply 'moving away' from AWS—it's about 'moving forward', delivering a future‑ready platform aligned with long-term operational goals. CareSuper's chief technology officer, Simon Reiter, emphasises the transformation is designed to optimise operations and deliver sustainable value, not just immediate savings. He notes decisions must serve members 'not just today, but five years from now', and asserts Macquarie's combined delivery and managed service capabilities were a crucial factor. ADVERTISEMENT Macquarie Cloud Services has agreed to assume full risk for the migration, committing to zero upfront cost for CareSuper and taking accountability for the success of the project. The full risk model underscores the vendor's confidence and aligns incentives around outcomes and operational maturity. A central feature of the engagement is Macquarie's Microsoft Azure Expert Managed Services Provider status, held for four consecutive years—a distinction shared by only a few providers in the Asia‑Pacific region. McClung highlights that the Azure team has grown by approximately 20 percent annually since 2020, underscoring both internal investment and evolving client needs. Regulatory, security and efficiency trends are reshaping superannuation technology strategies. Larger cloud providers increasingly offer edge and localised zones to meet data sovereignty demands. Azure's strengths in compliance for industries such as finance and superannuation, particularly in Australia, likely influenced CareSuper's decision. Operationally, the project spans beyond straightforward lift‑and‑shift migration. Macquarie will modernise databases for cloud-native performance, leverage PaaS services to reduce complexity, and deploy edge‑local Azure offerings to lower latency and enhance local resilience. Industry analysts view Macquarie's risk‑assumption model as a possible new benchmark. Aligning provider incentives more closely with client outcomes may foster improved delivery and tighter project governance. However, terms must be carefully structured to prevent scope reductions or quality compromise, and to ensure future cost structures are transparent. Strategically, Azure's hybrid cloud and edge capabilities offer super funds a path to innovation—supporting machine learning, real‑time analytics and next-generation services. Macquarie's role extends to delivering 24/7 support, governance, security monitoring and roadmap guidance, enabling CareSuper to focus on member‑centric developments rather than infrastructure upkeep. Some super funds remain cautious, weighing dependency on single hyperscalers against sovereign and security concerns. Hybrid cloud architectures and managed service partners like Macquarie aim to provide a middle ground: the agility of the cloud, localised resilience, and expert oversight by a domestic provider. The migration, covering hundreds of applications and petabytes of data, presents a significant technical challenge. Successful execution will hinge on rigorous discovery, workload mapping, integration planning and real‑time adaptation—capabilities Macquarie claims to possess. This pivot to Azure is emblematic of broader Australian enterprise trends. Cost management, customisation limits and lock‑in risks have prompted organisations to reassess their AWS investments. A pivot to hybrid Azure landscapes, combined with domestic partners, is emerging as a strategic alternative. CareSuper and Macquarie plan a phased migration commencing immediately, designed to minimise disruption while transitioning over months. The fund expects operational efficiencies, increased agility and stronger compliance assurance once the modernised cloud environment is fully in production.
