F5 boosts API security & networking in cloud update

F5 has released a major update to its Application Delivery and Security Platform, adding broader API discovery, expanded threat detection features and new networking tools aimed at complex hybrid and multicloud environments.

The enhancements sit within version 7.0 of F5 Distributed Cloud Services. The company said the release deepens the role of its cloud-based services inside the wider platform and increases visibility and control around APIs.

APIs now sit at the centre of enterprise application architectures and security models. F5 framed the release as an attempt to address the growing cost and complexity of managing them across on-premises and cloud infrastructure.

“APIs are everywhere, powering every connection across apps, users, and data,” said Kunal Anand, Chief Product Officer at F5. “With these new capabilities, we give organizations unified visibility and control over APIs-whether supported by F5 BIG-IP, F5 NGINX, or Distributed Cloud Services, or within air-gapped environments. We're collapsing complexity, giving teams instant control over bot defense, cloud-native operations, and network connectivity, all in one platform. The result: enterprises can innovate faster, defend smarter, and scale anywhere, without compromise.”

The update introduces expanded API discovery and visibility options across multiple environments. F5 said customers can map hidden endpoints, track sensitive data flows and identify inconsistent controls across BIG-IP, NGINX and other proxies and gateways. The approach does not require changes to application architectures or traffic paths.

API discovery for BIG-IP is now generally available. It provides out-of-band visibility across BIG-IP TMOS systems from version 15.1 onwards. The company said this gives operations and security teams a way to build an inventory of APIs that run through existing BIG-IP estates.

API discovery for NGINX and additional proxies and gateways is available in early access. The initial list covers NGINX Open Source, NGINX Plus, Kong and Apigee. F5 said these integrations support a unified view of APIs in heterogeneous environments that use more than one gateway or reverse proxy.

For customers with strict data sovereignty or regulatory requirements, F5 has introduced a local API discovery option. This early access feature runs in air-gapped environments. It delivers internal API visibility without sending data to a cloud service.

The 7.0 release also adds new API testing and detection features. F5 said it has broadened coverage of weaknesses described in the OWASP API Top 10.

The update targets categories such as Broken Object Level Authorization, Broken Authentication, Broken Object Property Level Authorization and Broken Function Level Authorization. The company said the new checks support earlier identification of suspicious behaviour and configuration issues in complex API estates. F5 also highlighted a focus on preventing attacks and exploits that target authorisation flaws.

F5 has updated its Distributed Cloud Bot Defence product with closer integration into its managed services. The company described this as an expansion of self-service options through native routing inside the console. It said this simplifies onboarding of applications and services for bot protection.

Customers can apply bot protection policies from the same interface that routes application traffic. F5 said this reduces the amount of configuration work and specialist skills needed during deployment.

The new features give customers more direct control over bot detection policies and rule management. Security teams can modify and deploy rules in line with changing attack patterns or business conditions.

F5 said organisations can adjust bot defence strategies for their own risk profiles. It positioned this as a way to maintain protection against automated threats while limiting false positives and operational disruption.

The company has also enhanced investigation tools. Analysts can now use advanced filtering rules with regular expression operators and additional filters such as “contains”, “not contains”, “starts with” and “ends with”. F5 said this improves threat analysis and shortens incident resolution times.

The release contains operational updates for cloud-native environments that use Kubernetes and Consul. F5 has added a modernised service discovery framework for these platforms.

Customers can map discovered services to individual tenants in a more granular way. F5 said administrators can then apply role-based access control. It described this as a way to improve isolation between namespaces and simplify secure access management during growth of container workloads.

On the networking side, F5 has extended features in its Distributed Cloud Network Connect service. The product now supports external connectors and BGP routing policies.

Network Connect can automatically create secure tunnels to SD-WAN routers and third-party networking devices. F5 said this widens the range of sites and networks that can attach to its service without manual tunnel configuration for each endpoint.

New BGP routing controls give enterprises more detailed management of traffic flows. Users can apply inbound and outbound route filtering and more advanced customisation. F5 said enhancements to debug visibility assist with troubleshooting and operational assurance in distributed networks.

The company described the combined updates as a further step in its platform strategy, with Distributed Cloud Services taking a larger role within the overall Application Delivery and Security Platform.