Featured Article

Kara Sprague, Executive Vice President and Chief Product Officer at F5 – Q&A

Kara Sprague is the newly appointed chief product officer at F5. We recently caught up with Kara to learn more about her new role, F5’s adaptive applications vision, and what steps she and F5 are taking to help customers simplify their operations and secure, deliver, and optimize their applications and APIs—today and in the future.

Q: What are the top challenges for F5 customers that you’ll be working on as chief product officer?

A: At F5, we believe that applications are the most valuable asset of the modern digital enterprise. Applications and APIs (as the windows into those applications) are essential building blocks for new and better digital experiences that improve customer and employee engagement, streamline backend operations, and drive differentiation. However, in this era of application capital, organizations are challenged by both growing complexity in their application deployments and rapidly increasing risk from cybersecurity threats.

At F5, we are investing heavily in multi-cloud application security and delivery solutions, including a growing portfolio of SaaS solutions built on the F5 Distributed Cloud Platform. Our solutions help customers achieve better security, improve application performance and resilience, speed app and API deployments, and unify policy across on-premises, public cloud, and edge deployments.

Q: How will customers benefit from the creation of the new chief product officer position?

A: F5 now has one executive vice president and member of the executive leadership team with responsibility across the entire portfolio of multi-cloud application security and delivery solutions. This change will help us serve our customers better by streamlining decision making, increasing collaboration and innovation across the portfolio, and enabling faster mobilization and alignment of resources to take advantage of new opportunities. In particular, this new alignment will accelerate our work to deliver additional SaaS offerings on the F5 Distributed Cloud Platform and enable organizations to simplify otherwise complex application security and delivery operations, spanning traditional and modern applications and across on-premises, public cloud, and edge environments.

Q: How is F5 helping customers address application security and other critical challenges?

A: F5 is building a portfolio of solutions that will make the security and delivery of applications significantly safer and easier for all organizations. F5's product portfolio includes a broad range of solutions that secure, deliver, and optimize applications and APIs in any data center, public cloud, or edge location. In addition, F5 provides customers with unmatched flexibility and choice in terms of deployment and consumption models.

Security is a key component of each one of our product families. F5 BIG-IP has a robust set of security modules, offering strategic protections that are widely deployed within our customer base. F5 NGINX has a growing security profile with NGINX App Protect at the center of all key NGINX use cases—including secure API connectivity, secure app connectivity, and secure Kubernetes connectivity. And then, of course, there is F5 Distributed Cloud Services, which includes our cloud Web Application and API Protection (WAAP) offering, our bot defense and risk management solutions, as well as a growing number of additional SaaS services that our customers use to strengthen the security of their applications and application infrastructures. 

The newest addition to our F5 Distributed Cloud Services portfolio of cloud-native SaaS-based services is F5 Distributed Cloud App Infrastructure Protection (AIP). Powered by technology acquired with Threat Stack, AIP is a cloud workload protection solution that expands application observability and defense to cloud-native infrastructures. AIP brings deep telemetry collection and high-efficacy intrusion detection for cloud-native workloads. When combined with in-line F5 Distributed Cloud Web Application and API Protection (WAAP), AIP delivers a defense-in-depth approach to security threats that span applications, APIs, and the cloud-native infrastructures where they run. 

Although hybrid- and multi-cloud environments can be complex and difficult to manage, we believe they are here to stay. Our commitment to our customers is to enable them with flexibility and choice to select the right deployment and consumption model for each app or app component. 

As evidence of how much customers value our approach, we recently passed an important milestone—$1 billion in annual security revenue—which makes F5 one of the world’s leading cybersecurity companies and the second largest focused on application security.

Q: Can you explain F5’s adaptive applications vision and what it means for your customers?

A: Adaptive applications bring intelligence and real-time changes to application deployments, which traditionally are mostly static and manual. Adaptive apps take advantage of emerging technologies and use an architectural approach that facilitates rapid and fully automated responses to variables of consequence, such as new cyberattacks, updates to security postures, application performance degradations, or rapidly changing conditions across one or more infrastructure environments. These apps are enabled by the collection and analysis of live application and security telemetry, the orchestration of dynamic service management policies, and robust automation toolchains.

With adaptive applications, we will enable our customers to more rapidly detect and neutralize security threats, improve application performance and resilience, reduce the time needed to deploy new applications and APIs, and reduce the cost of implementing app security and delivery policies across on-prem, public cloud, and edge environments—all by orders of magnitude and across modern and legacy applications. Put simply, we aspire to deliver for our customers a 10x improvement across four dimensions: security, performance and resilience, deployment speed, and policy unification.

Q: What about the new role do you personally find most exciting or challenging?

A: I am an insatiable learner. F5 is an organization and a business undergoing continuous transformation. Just five years ago, our business was roughly 90 percent hardware, deployed on-premises and sold through a perpetual licensing model. Today, F5 is a software-led business, with capabilities that span on-premises, public cloud, and edge, and our customers have their choice of several different deployment and consumption models. F5 used to be a company that did only load balancing. Now, we’re a leader in application delivery and security. F5 used to focus on technologies for our customers’ most mission-critical apps in their on-premises data centers. Today, customers come to F5 for robust security and app delivery capabilities for all of their applications. We now offer a broad range of deployment options, ranging from hardware to software to SaaS and managed services, as well as many new capabilities, such as fraud and risk management, application infrastructure protection, and multi-cloud networking.

When I look forward, what I'm most excited about is freeing customers and their applications from the tyranny of infrastructure, thereby unlocking more powerful and extraordinary digital experiences.

From the dawn of enterprise computing, applications have been tightly coupled to the infrastructure they run on. This tight coupling has reduced over time as enterprise computing models have evolved from mainframes and monoliths to client-server, to three-tier architectures, and now to containers and microservices. However, the coupling remains, with each new infrastructure environment (on-premises, public cloud a, public cloud b, edge cloud a, and so on) adding layers of complexity and cost for organizations whose value-add lies in application and API business logic, not in managing or optimizing the underlying infrastructure.

Between F5’s broad portfolio of multi-cloud application security and delivery capabilities, and the unmatched flexibility and choice we offer in terms of deployment and consumption models, customers now have the tools to fully abstract their applications and APIs from the underlying infrastructure. This shift will enable customers to realign their operations processes to optimize for end-to-end digital experiences, spanning several apps and APIs, rather than continuing to be optimized around vertical application and infrastructure stacks.

My focus as chief product officer is two-fold: building new SaaS-based services on our F5 Distributed Cloud Platform and enabling our customers to radically simplify the security and delivery of extraordinary digital experiences.