Blog posts on Security
Security blog posts(36)

Architecting for AI: Secure, scalable, multicloud
Operationalize AI-era multicloud with F5 and Equinix. Explore scalable solutions for secure data flows, uniform policies, and governance across dynamic cloud environments.
By Lori Mac Vittie
Multicloud data replication takes a village
Secure and scale multicloud data replication for AI. Learn how F5 and Equinix enable policy-driven connectivity, governance, and seamless network control.
By Lori Mac Vittie
Multicloud chaos ends at the Equinix Edge with F5 Distributed Cloud CE
Simplify multicloud security with Equinix and F5 Distributed Cloud CE. Centralize your perimeter, reduce costs, and enhance performance with edge-driven WAAP.
By Lori Mac Vittie
How AI inference changes application delivery
Learn how AI inference reshapes application delivery by redefining performance, availability, and reliability, and why traditional approaches no longer suffice.
By Lori Mac Vittie
WAAP Evolution: From ‘Web App and API’ to ‘Web, API, and AI’ Protection
WAAP evolves to include AI protection. Learn why web, API, and AI security are crucial in our latest research.
By Lori Mac Vittie
API Security: Programmability Is Required
Programmability is essential for API security, enabling testing, threat mitigation, seamless upgrades, and integration. It’s crucial for handling zero-day vulnerabilities.
By Lori Mac VittieApplication Delivery and Security for AI Applications: Navigating Modern AI Architecture
Discover how generative AI applications and API security are shaping modern application delivery and security.
By Lori Mac Vittie
QUIC+HTTP/3 Support for OpenSSL with NGINX
We discuss how NGINX’s OpenSSL Compatibility Layer circumvents challenges with QUIC TLS interfaces that are not currently supported by OpenSSL.
By Prabhat DixitUsing 1Password CLI to Securely Build NGINX Plus Containers
With 1Password’s CLI tool, you can ensure the security of your NGINX Plus containers from the moment you build them. Learn more in this quick guide.
By Cody GreenMulti-Cloud API Security with NGINX and F5 Distributed Cloud WAAP
Navigate the complexity of distributed environments and securely deliver APIs at scale with this three-tier approach to hybrid and multi-cloud architectures.
By Andrew StiefelAnnouncing the Open Source Subscription by F5 NGINX
Get enterprise support, features, and simplified administration for NGINX Open Source with the new Open Source Subscription by F5 NGINX. Ensure timely patches, regulatory compliance, confidentiality, ...
By Jenn GileThe Mission-Critical Patient-Care Use Case That Became a Kubernetes Odyssey
A healthcare tech company migrated to Kubernetes, reduced downtime, and improved visibility with Azure Kubernetes Service and NGINX.
By Jenn Gile2 Ways to View and Manage Your WAF Fleet at Scale with F5 NGINX
We highlight two ways to improve app security: increase visibility into WAF operation with NGINX Management Suite and implement security-as-code-with NGINX App Protect WAF.
By Fabrizio Fiorucci, Thelen BlumNGINX Tutorial: How to Securely Manage Secrets in Containers
Learn how to safely use and distribute secrets in containers, using a mix of Linux tools and secrets management systems.
By Robert Haynes
Why Managing WAFs at Scale Requires Centralized Visibility and Configuration Management
NGINX Management Suite makes security easier and more reliable with centralized visibility and configuration management of NGINX App Protect WAF.
By Thelen BlumArchitecting Zero Trust Security for Kubernetes Apps with NGINX
Protect your users, distributed applications, microservices, and APIs at scale and end-to-end across any environment – on-premises, hybrid, and multi-cloud.
By Ilya KrutovConnect, Scale, and Secure Apps and APIs with F5 NGINX Management Suite
NGINX Management Suite provides holistic visibility and control of NGINX instances, application delivery services, API management workflows, and security solutions.
By Jenn GileAutomate Security with F5 NGINX App Protect and F5 NGINX Plus to Reduce the Cost of Breaches
Lower data breach costs by 80% by adding automation and AI into your security solution with F5 NGINX App Protect and F5 NGINX Plus for DoS protection, WAF, and authentication and authorization.
By Thelen Blum, Matthieu Dierick
NGINX Tutorial: Protect Kubernetes Apps from SQL Injection
Web apps are a common target for hackers looking to exploit vulnerabilities and obtain sensitive information. In this tutorial, Daniele Polencic of Learnk8s demonstrates how you can improve Kubernetes...
By Daniele PolencicAnnouncing NGINX Plus R26
NGINX Plus R26 introduces faster JWT validation with JSON Web Key Set caching and hardened TLS handshakes for improved security. New NGINX JavaScript features include enhanced support for asynchronous...
By Robert HaynesSecure Your gRPC Apps Against Severe DoS Attacks with NGINX App Protect DoS
gRPC provides the speed and flexibility developers need to design and deploy modern applications, but its open nature makes it highly vulnerable to Layer 7 DoS attacks. NGINX App Protect DoS protects ...
By Yaniv Sazman, Thelen BlumSix Ways to Secure Kubernetes Using Traffic Management Tools
Explore six use cases where Kubernetes traffic‑management tools -- including F5 NGINX App Protect, Ingress Controller, and Service Mesh -- solve security problems. Help your SecOps teams collaborate w...
By Jenn GileBringing F5 and NGINX WAF Policies into Controller App Security
With NGINX Controller App Security for version 3.20 of the Application Delivery Module, you can now import your custom F5 Advanced WAF and NGINX App Protect WAF policies and distribute them across all...
By Daphne WonFortifying APIs with Advanced Security
The NGINX Controller App Security add-on for Controller API Management provides an app-centric, self-service way for app teams to boost their API security with integrated WAF protection. Security team...
By Karthik KrishnaswamyHow NGINX App Protect Denial of Service Adapts to the Evolving Attack Landscape
We explain how NGINX App Protect Denial of Service (DoS) adapts its mitigation methods in real time to protect against Layer 7 DoS attacks. By creating a model of normal user behavior and server healt...
By Vadim KrishtalNGINX App Protect Denial of Service Blocks Application-Level DoS Attacks
NGINX App Protect Denial of Service (DoS) protects your modern applications against sophisticated application-level (Layer 7) DoS attacks, including GET and POST flooding, Slowloris, Slow read, slow P...
By Yaniv SazmanMitigating Security Vulnerabilities Quickly and Easily with NGINX Plus
An often-overlooked benefit of NGINX Plus is how it makes protecting yourself against security threats quick and easy. We proactively inform NGINX Plus subscribers of security vulnerabilities and patc...
By Laurent PétroqueDeploying NGINX as an API Gateway, Part 2: Protecting Backend Services
In the second post in our API gateway series, Liam shows you how to batten down the hatches on your API services. You can use rate limiting, access restrictions, request size limits, and request body ...
By Liam Crilly
Protecting SSL Private Keys in NGINX with HashiCorp Vault
The second post of our series about protecting SSL private keys shows how to set up HashiCorp Vault to store the passwords that protect private keys, and to configure NGINX to retrieve the passwords. ...
By Owen Garrett
Secure Distribution of SSL Private Keys with NGINX
We describe three progressively more secure ways to protect SSL private keys when configuring NGINX to handle HTTPS traffic: allowing read access only to the root user, encrypting keys with separately...
By Owen Garrett