SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Secure data center ai brain zero trust hybrid cloud crypto
#
Firewalls
#
Encryption
#
Hyperscale

F5 boosts AI app security with zero trust, post-quantum

Thu, 12th Mar 2026
Author image
By Mark Tarre, News Chief

F5 has announced new security and operations updates for its Application Delivery and Security Platform, focused on protecting AI-driven applications, expanding zero trust access controls, and preparing customers for post-quantum cryptography.

The updates span F5's portfolio across BIG-IP, NGINX, and Distributed Cloud Services. They include tools for AI model vulnerability remediation, web application firewall automation, bot and agent traffic controls, and expanded observability through a new product, F5 Insight for ADSP.

F5 said the changes respond to the way applications now run across data centres, multiple clouds, and edge sites. The shift has created more traffic paths, more APIs, and more security policy surfaces, along with new risks tied to AI agents and emerging cryptographic requirements.

"Security teams do not need more alarms. They need fewer gaps," said Kunal Anand, Chief Product Officer at F5. "ADSP closes the loop from finding risk to enforcing protection. That includes moving from identified AI model vulnerabilities to validated runtime guardrails, AI-powered risk scoring, and a practical path to zero trust and post-quantum readiness. The point is simple: move faster while reducing your threat landscape."

AI security tools

A central element of the update is a new feature called F5 AI Remediate, which sits alongside F5 AI Red Team and F5 AI Guardrails. F5 described AI Remediate as a way to turn identified AI model vulnerabilities into runtime protections by automating the creation, optimisation, and validation of "guardrail packages," with human approval required before deployment.

F5 has also added AI-powered risk scoring to the latest Distributed Cloud WAF release. The goal is to convert manual steps into automated protections and reduce the effort required to tune policies across large application estates. F5 also highlighted outcome-based blocking policies and layered analysis designed to keep false positives low.

The announcements also address "agentic" AI-software agents that act on behalf of users or organisations. F5 has added new capabilities to Distributed Cloud Bot Defence, including deeper visibility into application traffic and clearer separation of humans, bots, and AI agents. Under the new controls, only trusted and verifiable AI agents are allowed to interact with applications.

Zero trust access

On access controls, F5 is evolving BIG-IP Access Policy Manager into BIG-IP Zero Trust Access as part of its broader platform strategy. The product is positioned for zero trust application access across environments that include cloud services and older applications.

BIG-IP Zero Trust Access supports Identity Aware Proxy, SSL VPN, and IPsec VPN. F5 also said it is post-quantum cryptography-ready, using identity and context signals with per-request validation to limit lateral movement.

API protection also featured in the update. F5 is adding options within Distributed Cloud API Security, including out-of-band discovery across multiple data planes. Supported environments include BIG-IP, NGINX, Kong, and Apigee. F5 also announced a deployable API security software option for air-gapped, highly regulated, and cloud-constrained environments.

Post-quantum shift

F5 is adding crypto-agile support within ADSP, including hybrid TLS cipher groups. The aim is to introduce post-quantum protections while maintaining compatibility with existing cryptographic processes.

The post-quantum theme also runs through the operations and platform updates. F5 said upcoming BIG-IP software releases will add support for NIST-compliant cryptographic ciphers.

Platform operations

Alongside the security releases, F5 introduced F5 Insight for ADSP, which it described as part of the platform's "XOps" component. The product provides end-to-end observability and analytics for teams running BIG-IP, using OpenTelemetry to collect and use telemetry data.

F5 said Insight will be available as self-managed software, with a SaaS model planned. It is generally available for BIG-IP, with support expected to expand to NGINX and Distributed Cloud Services.

"Most operations teams are stuck babysitting complexity they did not sign up for," Anand said. "They have a dozen tools, a thousand alerts, and not enough signal. F5 ADSP collapses that mess into a platform. With F5 Insight, we turn scattered telemetry into a clear story and the next best action. Then we extend that foundation for agentic AI workloads and future-focused cryptography, because the infrastructure is changing, ready or not."

F5 also outlined a forthcoming BIG-IP v21.1 release, which it said will add post-quantum cryptography updates and introduce quantum-resistant TLS and SSL VPN tunnelling in BIG-IP Zero Trust Access. It will also add protections for Model Context Protocol traffic, session persistence functions, OpenAPI 3.1-related protections for WAF policies, and security coverage for HTTP/3 attack patterns such as cross-site scripting and SQL injection.

NGINX will also receive updates tied to AI agent observability. F5 said NGINX can inspect Model Context Protocol metadata in the traffic path and surface request patterns and performance signals. The functionality is generally available in NGINX Open Source, with enterprise support and additional capabilities available through NGINX Plus.

On commercial packaging, F5 said it has simplified how it sells Distributed Cloud Services. It introduced two starter packages-Essentials and Enterprise-which bundle services including CDN and API security.

"F5 is addressing operational challenges while also enabling more effective AI application deployments and proactively preparing for future needs," said Paul Nicholson, Research VP, Cloud and Datacenter Networks at IDC. "A key highlight is F5 Insight, which delivers the visibility and actionable intelligence customers require, with notable AI capabilities. Combined with MCP enhancements for AI applications and PQC support, F5 is meeting requirements for modern applications. Collectively, these advancements enable organisations to optimise operations, strengthen security, and scale across their environments."

F5 said BIG-IP v21.1 is targeted for general availability in the second quarter of calendar year 2026.

Related stories
Black Box Automation vs. Engineer Control: The partnership redefining Kubernetes FinOps
Automotive microcontroller market set to hit USD $15.1bn
BlackBox Hosting partners Everpure for sovereign cloud
Locai Labs deploys AI coding assistant at First Light Fusion
Vodafone & Google Cloud launch AI & security tools

Top stories

AI tools widen cyber attack threat, Flashpoint warns
AI flaws & supply-chain risks top new pentesting report
Exclusive: Google Cloud on the road to autonomous SecOps
Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack