F5 Labs

Cred stuffing isn't going away. Shape's Jarrod Overson writes for InformationSecurityBuzz, examining the ROI of cred stuffing for attackers, and the evolution to "imitation attacks".

Understanding what APIs are, the role they play in modern apps, and the potential risks they pose to organizations.

What’s the minimum security level that regulations require of every organization? Check our list for the lowest bar of reasonable security.

Cybersecurity experts are falling prey to seven myths in the effort to protect their business. Shape's Daniel Woods writes for Forbes, explaining where these myths have led us astray, and how to keep the useful bits while discarding the chaff.

Learn about the technical controls that leading regulators around the world endorse for an effective and secure Open Banking initiative.

In a climate of rampant online fraud, protecting yourself from identity theft requires taking some simple, proactive steps and remaining constantly vigilant.

Under normal circumstances, we wouldn't use user data to track users en masse - but these aren't normal circumstances. F5's Shuman Ghosemajumder writes for DarkReading, discussing the short- and long-term privacy implications of COVID-19.

Starting next year, all companies conducting business with the DoD must pass an audit to obtain the CMMC. This is Part 3 of our CMMC series that covers the assessment process and how CMMC could become the model for all future compliance standards.

The Qbot banking trojan is back, targeting American banks with dedicated campaigns followed by stealth and evasion techniques.

How to move your workforce securely to remote access with zero trust networking.

Longstanding security challenges such as input validation, data exposure, and rate limits are affecting modern gRPC-based applications.

CAPTCHA solver networks that use humans in the developing world to enable large-scale bot attacks demonstrate the need for a new approach to security controls.

The healthcare industry is adopting a decade of digital transformation in a matter of months, with the risk exposure to match. F5 Labs' Preston Hogue writes for SecurityWeek, discussing the vital need for security expertise to lend a hand.

Telecom touches everything that everyone does, and the insertion points are nearly limitless. F5 Labs' Preston Hogue writes for SecurityWeek, discussing the specific prevention measures telecom providers can take to protect themselves and their customers.

The three most effective steps you can take in under an hour to guard against identity theft.

In part two of this three-part series, we dive deeper into CMMC, look at CMMC control sets in more detail, and discuss how to prepare for an audit.

This is the most in-depth version of the 2019 Application Protection Report. It contains research and data from all of the 2019 episodes, updated with 2019 breach trends that paint a clearer picture of where application threats are heading. Cancel some afternoon meetings and take a deep dive with us!...

The shift to cloud-based services doesn't eliminate risk, and it doesn't mean the risk becomes someone else's problem. F5 Labs' Ray Pompon writes for Data Centre Review Magazine, discussing the specific strategies you can take to keep your cloud safe.

Learn about authentication, authorization, and security misconfiguration in API compromises by exploring this capture-the-flag game.

COVID-19 has turned the tech world upside down. Read what a future IT director thought we did right—and what went terribly wrong.