F5 API Security Local Edition
Deployable software that integrates with F5 BIG-IP to deliver API security for air-gapped and cloud constrained environments. Implement within your own infrastructure for local lifecycle management and monitoring.
Deployable software that integrates with F5 BIG-IP to deliver API security for air-gapped and cloud constrained environments. Implement within your own infrastructure for local lifecycle management and monitoring.
Deployed using Docker Compose and Kubernetes, this software is designed to run entirely on your own infrastructure with a dedicated console for API visualization and management, no external connectivity required.
Reconstruct APIs from HTTP traffic with seamless BIG-IP integration to detect undocumented or unmanaged APIs, sensitive data, and authentication gaps via existing data paths—without requiring apps and infrastructure to be rearchitected.
Combine continuous learning and automatically generated API documentation with tools to seamlessly group, tag, and easily manage your API inventory. Easily remove shadow or deprecated endpoints and inventory new endpoints as your API ecosystem evolves.
Pair passive API discovery, vulnerability detection, and monitoring with the in-line enforcement capabilities of BIG-IP Advanced WAF. With enforcement functionality to maintain oversight, control, and security of your internal, air-gapped apps and API endpoints, you can automatically block unknown or unwanted endpoints, limit connections or communication, and protect sensitive data.
API Security Local Edition enables you to seamlessly implement API security within air-gapped, regulated, or cloud-constrained environments with Big-IP hardware and software. Unlock visibility into your APIs, including potential vulnerabilities via existing traffic paths. Designed to run entirely on an organization’s own infrastructure, API Security Local Edition provides lightweight, passive discovery and monitoring of APIs based on BIG-IP HTTP traffic without any external connections.
Enables critical API security capabilities within tightly controlled or air-gapped environments while maintaining the operational integrity and regulatory alignment many industries demand. Delivers rich API visibility, consistent oversight, and proactive defense through BIG-IP Advanced WAF.
Deployable Software
Deployable on an organization’s local infrastructure, including a dedicated console for monitoring and management with no external connectivity required.
Integrates with BIG-IP
Integrate with BIG-IP for critical insights and governance of API security posture.
Passive API Discovery
Reconstruct APIs from BIG-IP HTTP traffic with no additional inline proxy and no traffic redirection necessary.
Import API Schema
Upload existing OpenAPI spec (OAS) files to verify API inventory in production and help identify shadow endpoints.
Governance and Inventory Management
Identify undocumented or unmanaged endpoints. Discovered APIs can be promoted to inventory, while shadow or unauthorized APIs can be removed.
Monitoring and Analytics
Per end-point analytics identify the most used and most vulnerable APIs, including sensitive data and authentication state.
Sensitive Data Detection
Discover, tag, and report on the exposure of sensitive data via APIs.
API Risk Scoring
Calculate a per-endpoint risk score combining behavior and structural risks for each API.
Public cloud providers
F5 application services integrate with major cloud providers and are available directly through marketplace offerings with variable PAYG or perpetual BYOL consumption options.
DAST and SAST providers
Import scanning results to help update signatures.
SIEM, SOAR, and XDR providers
Standard telemetry streaming within automation toolchain enables exportation of signals.
