F5 Labs

Website logins are under constant assault, with attackers quickly modifying their bots to evade simplistic defenses.

Hackers are increasingly turning to data manipulation to accomplish their goals - accessing your data and compromising integrity. F5 Labs' Shahnawaz Backer writes for Businessworld, describing some of the common scenarios and controls to protect yourself.

F5 Labs summer intern describes her experiences building a Python-based HTTPS scanning library for security research and release as an open source tool.

As cybercriminals continue trying to break into applications using legitimate channels, digital identity is a growing target. Learn what digital identity is and the attack methods fraudsters employ at every stage of the identity life cycle.

As organizations make more of their APIs publicly available, it’s important they understand the potential risks of data exposure and establish best practices for securing all APIs.

Securing APIs demands a new approach. See what we can learn from API incidents and where to begin.

How to shift from firefighting to fire suppression.

COVID-19 has changed our business operation models, and attackers have been adapting quickly. Shape's Dan Woods writes for ITProPortal, describing the emerging trends and how different industries need to adapt.

F5 Labs has released a new open-source tool to check for HTTPS misconfigurations of public and internally hosted HTTPS websites.

Cred stuffing isn't going away. Shape's Jarrod Overson writes for InformationSecurityBuzz, examining the ROI of cred stuffing for attackers, and the evolution to "imitation attacks".

Understanding what APIs are, the role they play in modern apps, and the potential risks they pose to organizations.

What’s the minimum security level that regulations require of every organization? Check our list for the lowest bar of reasonable security.

Cybersecurity experts are falling prey to seven myths in the effort to protect their business. Shape's Daniel Woods writes for Forbes, explaining where these myths have led us astray, and how to keep the useful bits while discarding the chaff.

Learn about the technical controls that leading regulators around the world endorse for an effective and secure Open Banking initiative.

In a climate of rampant online fraud, protecting yourself from identity theft requires taking some simple, proactive steps and remaining constantly vigilant.

Under normal circumstances, we wouldn't use user data to track users en masse - but these aren't normal circumstances. F5's Shuman Ghosemajumder writes for DarkReading, discussing the short- and long-term privacy implications of COVID-19.

Starting next year, all companies conducting business with the DoD must pass an audit to obtain the CMMC. This is Part 3 of our CMMC series that covers the assessment process and how CMMC could become the model for all future compliance standards.

The Qbot banking trojan is back, targeting American banks with dedicated campaigns followed by stealth and evasion techniques.

How to move your workforce securely to remote access with zero trust networking.

Longstanding security challenges such as input validation, data exposure, and rate limits are affecting modern gRPC-based applications.