Sessions

We are excited to offer a lineup of breakouts, discussion forums, and quick hit sessions at Agility 2022.

Select a subject you're interested in and dive deeper into content offering during this year's conference.

Discussion Forums

The State of Application Strategy 2022: A Sneak Peek

F5 has compiled responses to our latest State of Application Strategy survey from almost 1,500 decision makers and influencers across the globe and from every industry. We've uncovered insights about cloud, edge, operations, and the critical role technology will play in enabling digital business. See a sneak peek of these findings and what it tells us about the state of application strategy in 2022.

When Performance Matters: Choosing Between NGINX Ingress Controllers

There are two popular open source Kubernetes Ingress controllers that use NGINX and a commercial version based on NGINX Plus that is developed and supported by NGINX. These projects all started around the same time, have similar names on GitHub, and implement the same function. Join this lightning talk to learn how they differ and how to choose an Ingress controller that's best for your needs.

Mitigating Multi-Vector Attacks with F5

Once upon a time, cybercriminals focused on a single targeted vector when launching an attack. Now, they’ve stolen a page from the “good guys”: if security can be layered, why can’t attacks? More attacks on businesses today incorporate attacks across multiple vectors to deliver one, consolidated attack stream. It isn’t uncommon for a company to be hit by a phishing campaign that spreads credential thieving malware along with a ransomware attack coupled with a distributed denial-of-service (DDoS) attack. The nefarious thinking is to overwhelm the business, so it’ll be more willing to pay a ransom to stop all the attacks. It’s a shrewd but despicable way to stress an organization to its breaking point.
To help you mitigate attacks of this nature, F5’s portfolio of market-leading security and application delivery controller (ADC) products can be deployed in a mode to stop each attack while continuing to deliver strong, continuous protection for your organization, data, and users.

F5’s One WAF

It’s an evolving arms race to protect your apps and mitigate the threats against them. Every time the “good guys” step up our game, attackers try, and sometimes succeed, to leapfrog the enhancements. How can you ensure that your applications remain protected with a baseline of security—including a web application firewall (WAF), denial-of-service (DoS) attack protection, and now API protection—that will serve as a sturdy, dependable foundation for your application layer security defense?
Learn how F5’s application layer security portfolio provides the sturdy, formidable foundation required to address today’s always growing, sophisticated application threat landscape. See how F5’s powerful one WAF engine enables the robust, innovative application protection you need in the consumption and deployment modes you want, addressing the application models you use—whenever and wherever you need it.

Introduction to BIG-IP WAF for Distributed Cloud

Get a sneak peek at the next-gen, modular architected web application firewall (WAF) product: BIG-IP WAF for Distributed Cloud. This lighter weight, API-first solution is purpose-built to support the changing nature of today’s business—from hybrid to multi-cloud models to container-driven, Kubernetes-based applications.
BIG-IP WAF is designed to help developers, security experts, and network professionals more easily integrate application and API security into their daily workflows—securing the container environments themselves and protecting every application and API across any environment in a more scalable, flexible fashion.

Adaptive Detection: Using Machine Learning to Identify Advanced Threats in Cloud-Native Infrastructure

Migrating applications to cloud native infrastructure has real, tangible benefits. By leveraging continuous deployment and on-demand infrastructure, these “adaptive applications” deliver much faster time-to-market and pace of innovation. While these benefits have accelerated adoption of cloud-native infrastructure, there is a growing set of advanced threats that requires a fundamental shift to detection. Adaptive applications require adaptive detection.
In this session, we will explore this expanding threat surface, emerging threats that customers should be aware of, and new machine learning techniques from Threat Stack that will help customers predict and detect advanced threats with high efficacy—even in highly dynamic, ephemeral cloud-native environments.

Lower Your TCO with New F5 Systems and BIG-IP Software and Automation

With new F5 systems and BIG-IP software technologies in the next-generation evolution, you will see reductions in resource requirements, while also lowering time and migration costs for F5 application delivery controller (ADC) platforms and modules in a highly scalable environment. BIG-IP software leverages an application-centric, declarative API interface to accelerate and automate application delivery and security services deployments with self-service tools and third-party ecosystem integrations.

Shifting Left with F5 NGINX

Gone are the days when security could simply be bolted on at the end of a process. In today’s world, integrated security must become a normal part of AppDev and DevOps implementations. Making security frictionless and adaptable enables development teams to power ahead without fear. Instead of a painful extra step that must be dealt with, modern application security can be a robust support system that empowers organizations to reach their business goals and guides them to even greater heights. Join this discussion where we chat with Audi on how the automotive company has secured its Kubernetes-based application environment with NGINX App Protect.

What Is a Modern App?

Application modernization is not just a buzzword anymore but rapidly gaining mainstream adoption. According to our own 2021 State of Application Strategy (SOAS) report, more than three-quarters of organizations are modernizing their applications—an increase of 133% over last year.
But what exactly is a modern app? Is it just a technology upgrade that involves shifting your apps to the cloud? Or just embracing Kubernetes and service mesh? Does it entail new thinking around culture and processes? Should we think about modern apps through the lens of the business objectives that apps enable? Tune in to this exciting discussion on how we at F5 NGINX define modern apps based on our expertise and learnings from our customers.

Adaptive Detection: Using Machine Learning to Identify Advanced Threats in Cloud-Native Infrastructure

Migrating applications to cloud native infrastructure has real, tangible benefits. By leveraging continuous deployment and on-demand infrastructure, these “adaptive applications” deliver much faster time-to-market and pace of innovation. While these benefits have accelerated adoption of cloud-native infrastructure, there is a growing set of advanced threats that requires a fundamental shift to detection. Adaptive applications require adaptive detection.
In this session, we will explore this expanding threat surface, emerging threats that customers should be aware of, and new machine learning techniques from Threat Stack that will help customers predict and detect advanced threats with high efficacy—even in highly dynamic, ephemeral cloud-native environments.

Take Control of Your Cloud-Native Infrastructure: Making Kubernetes Service Provider Ready

Many service providers are implementing distributed horizontal clouds for their 5G deployments. A distributed horizontal cloud provides greater freedom to select 5G core and RAN vendors based on cost and capabilities and greater operational efficiency. One of the main challenges is deploying a cloud-native infrastructure based on Kubernetes in a service provider environment. Learn how to overcome the limitation of Kubernetes in a service provider environment and implement a telco distributed horizontal cloud.

BIG-IP for Distributed Cloud Discussion Forum

Have questions about F5's next generation BIG-IP software? A panel of BIG-IP for Distributed Cloud experts will be on deck to answer those for you.

Growth and Evolution of F5 Cloud DDoS Mitigation

Learn about the latest cloud DDoS developments including Silverline and Volterra solution strategy. Understand the current state of the portfolio and key development efforts to bring together these solutions to deliver an enhanced DDoS mitigation offering to the market.

Breakout Sessions

Redefining Cybersecurity for Distributed Cloud Edge with Nvidia

Modern applications are built in a highly distributed manner, with services or microservices having multiple instances for scale-out and offering no single point to observe all the data. With the vast number of distributed applications, it’s challenging to provide a holistic view and detect threats. Solving this requires a robust and highly scalable telemetry collection and analytics strategy agnostic to the source and location.
The NVIDIA Morpheus AI framework offers pre-trained AI models that provide powerful tools to simplify workflows and help detect and mitigate security threats. Coupled with NVIDIA BlueField-2 DPUs on NVIDIA-Certified servers, F5 can accelerate cybersecurity through real-time telemetry and AI-powered analytics for applications distributed across the cloud and the edge. In this session, F5 shows how its Shape app security product portfolio and distributed cloud use AI-based pre-processing of telemetry data to optimize security and delivery of applications.

Journeys (Part 1): The Importance of Keeping Your BIG-IP Fleet Up-To-Date

With around 20% of F5 customers still operating v12.1 or earlier BIG-IP instances, in this session we'll discuss why upgrading your BIG-IP to the latest versions should be a top priority for you and your company. From end-of-lifecycle complications to potential security vulnerabilities, we'll cover all the reasons you should upgrade as soon as possible to ensure the security, health, and performance of your organization’s applications. In the second part of this two-part series, we'll then cover F5's tips, tricks, and tools that can help make your upgrade experience as seamless as possible.

Modern Application Reference Architectures

There are many reference architectures out in the world, but how many can actually be deployed? With the modern application reference architectures (MARA) project, we set out to create an easy-to-deploy modern application architecture built to production-level specifications. Join us to hear an update on this project and what’s coming in the future.

Dynamic Service Automation for Applications Using BIG-IP, Terraform, and Consul

Dynamic service automation reduces the number of manual IT service tickets for updating BIG-IP pool members. This session focuses on BIG-IP configuration automation using AS3 and Consul Terraform Sync. See how you can monitor changes in the application environment and automatically push necessary configuration changes to BIG-IP using AS3. By attending this session, you’ll learn how you can respond faster to application changes, while enabling self-service for developers.

Why You Need a Management Plane for Delivering and Securing Your Apps and APIs

With the explosion of applications and APIs, you need a management solution that provides governance for your Platform Ops teams without introducing friction for your DevOps and API owners. What are the core tenets of a management plane? How do you achieve scale and ensure security and reliability for your apps and APIs without slowing down your developers? Join this session to learn more about how F5 NGINX addresses these issues.

Securing your CDN: How F5 and AWS Come Together to Build a Globally Secure and Scalable Network

A content delivery network (CDN) is an important component of a company's digital presence. Whether you need to deliver fast, secure websites, accelerate dynamic content delivery and APIs, stream live or on-demand video, or distribute patches and updates, creating a globally secure and scalable network is crucial. Amazon CloudFront is a CDN service built for high performance, security, and developer convenience. In this session, you'll learn about Amazon CloudFront and how it integrates with F5 managed security services to offer flexible configurations, low latency and operating costs, and the flexibility to scale however you need.

It’s Time to Rethink Your Architecture, Platforms, and the Cloud

The practice of continually adding new solutions to solve specific issues has created excessively complex and fragile IT architectures. This often drives up costs, degrades security, and impairs business agility and growth by making change costly and fraught with risk.
By adopting best practice architectural patterns and principles and cloud-agnostic solutions, high-performing IT organizations have been able to create sustainable IT systems that drive successful outcomes. Learn how applying an architectural approach to your app security, delivery services, and automation and tooling can help you overcome complexity and realize the benefits of adaptive apps.

Taking BIG-IP VE to the Limit, SR-IOV and Non SR-IOV Performance in vSphere

This session details multiple customer use cases to show F5 BIG-IP High Performance VE configuration patterns used to maximize throughput in an SR-IOV or non SR-IOV scenario. Working with our joint customers, VMware and F5 have designed different configuration patterns for various adapters (e.g., Mellanox and Intel). This session will provide guidance for configuring your F5 BIG-IP High Performance VE, discuss the pros and cons of various deployment options, and cover lessons learned such as CPU pinning vs low latency mode, resource reservations, and NUMA management. It will also show how different adapters affect ESXi host configuration.

Quick Hits

360-Degree Web App and API Protection for Open Banking

In this session, we’ll show you how you can utilize F5’s NGINX and Shape technologies to protect an open banking deployment in partnership with the PingFederate solution as an identity provider. Learn how to use NGINX App Protect to secure an Open Banking API and leverage integrated bot defense to protect against bot attacks. Deploy NGINX as an API micro-gateway through a CI/CD pipeline managing both the API gateway and App Protect configurations. Manage financial aggregators and protect against web scraping using Shape's aggregator defense.

NGINX App Protect WAF Demo

Looking to quickly and easily integrate advanced application security into your NGINX Plus dataplane instances? Join us for a demo where we will show the power of NGINX WAF and denial-of-service (DoS) protection solutions.

Authorization and Authentication for Kubernetes Apps

A common non-functional requirement that gets built into apps and services is authentication and authorization. On a small scale, this practice adds a manageable amount of complexity that’s acceptable when the app doesn’t require frequent updates. But with faster release velocities at larger scale, integrating authentication and authorization into your apps becomes untenable. In this session, we'll share how you can offload this functionality to an Ingress controller to achieve better security and more efficient use of resources.

Turning the OWASP Top 10 2021 into Real, Actionable Protection for Your Application

The OWASP Top 10 is not set in stone. Representing the most critical security risks to web applications, it evolves as the threat landscape changes over time. The most recent is the OWASP Top 10 2021, which includes ranking changes, consolidation of categories, and new entries into the list of the top 10 security risks to web applications.
Ensuring applications are secured against the top 10 risks is a challenge for many security practitioners. F5 helps you take this list of high-level security risks and turn them into real, actionable protection for your applications, leveraging F5’s “OWASP Compliance Dashboard” in BIG-IP. The OWASP Compliance Dashboard has now been updated to comply with the OWASP Top 10 2021. Join this session to learn about the changes in 2021 and the updates to F5's OWASP Compliance Dashboard.

GraphQL: What It Is and How to Secure It with F5 Advanced WAF on BIG-IP

While REST has become the standard for web APIs, GraphQL is rising in popularity as a more flexible and efficient alternative. GraphQL is an open-source data query and manipulation language for APIs and a server-side runtime for executing queries. Like REST, GraphQL is served over HTTP and is prone to the typical API security vulnerabilities, such as injection attacks, denial-of-service (DoS) attacks and abuse of flawed authorization.
However, the mitigation strategy to prevent a security breach of GraphQL requires that APIs be specifically tailored to GraphQL. Unlike REST, where API resources are identified by multiple URLs, GraphQL operates on a single URL. WAFs filtering traffic based on URLs and query strings simply cannot protect GraphQL APIs. Instead, WAF policies for GraphQL must operate at the query level and scan for attacks specific to the GraphQL language.
F5 Advanced WAF has several features specifically designed for securing GraphQL APIs. Join this session to learn more.

[PORTUGUESE] Uncover Ransomware Threats in Encrypted Traffic

Anyone who has been keeping up with cybersecurity news likely is aware of the devastating impact ransomware is having on businesses. Ransomware has targeted many critical industries that keep the U.S. and world economy running, such as healthcare, banking and insurance, IT and professional services, and government agencies, among others. Unfortunately, many of these ransomware attacks have been successful in disrupting or halting critical infrastructure—and if you don't have visibility into encrypted threats, you are likely vulnerable.
How can F5 address the problem of ransomware stemming from encrypted entry points? Our SSL Orchestrator solution provides visibility into encrypted traffic to scan for threats while orchestrating your security stack. It provides improved security, performance, and availability; maximized security investments and lower total cost of ownership; and future-proof architecture for 100% encryption.

Volterra Deployments in Equinix as the Centerpiece of Your Multi-Cloud Strategy

Multi-cloud networking provides opportunities for deployment flexibility and distributed access to your adaptive applications. The Volterra platform is at the heart of F5’s multi-cloud network strategy and provides a distributed cloud platform to deploy, connect, secure, and operate apps and data across multiple clouds and edge sites.
Equinix is one of F5's strategic partners and is a vendor-neutral, multi-tenant data center provider with over 200 data centers worldwide that offers low latency connectivity to thousands of services providers, including all major public clouds.
In this session, you’ll learn why Equinix Metal and Equinix Fabric network connectivity are ideal for your Volterra Customer Edge deployments that are at the heart of your multi-cloud strategy.

Accelerate Your Modern Application Delivery with Certificate Lifecycle Automation

Customers deploying F5 systems for critical functions such as load balancing, encryption, and acceleration rely on SSL certificates to secure and authenticate communication. Managing these certificates manually in a distributed application environment is cumbersome and risky. It is no secret that outages and disruptions due to expired certificates can result in significant financial and reputational damages.
In this session, you’ll learn about various F5 integrations to discover, manage, and automate certificates across the enterprise to support modern application delivery. This knowledge will allow you to stay one step ahead of certificate outages—and move and adapt fast with end-to-end visibility and certificate lifecycle automation.

Managing NGINX with NGINX Instance Manager

Watch a quick demo of NGINX Instance Manager to see how you can track, configure, and monitor NGINX open source and NGINX Plus instances.

Deploy NGINX App Protect-Based WAF to AWS in Minutes

Discover a solution that deploys NGINX App Protect-based WAF to the AWS cloud in minutes. This solution includes a complete set of components for successful WAF deployment: a fully automated data plane, a GitOps-based control plane, and visibility dashboards. It can be used as a production-grade WAF deployment or an environment to experience App Protect WAF.

Leaked Credentials: A Ticking Time Bomb and How to Stop It

In large part due to easy and cheap access to databases of leaked credentials, cybercriminals are increasingly using leaked credentials to take over accounts, steal information, and misuse resources. Sadly, users continue to re-use the same credentials across different applications—increasing the success of these attacks.
F5's Leaked Credential Check stops credential misuse and prevents attacks before they even happen. Join this session to learn all about Leaked Credential Check and how it can protect you from the next attack.

[SPANISH] Simplifying & Securing Application Access with F5 and Azure AD

As we know, applications today can reside anywhere: in the cloud, SaaS, and on-premises. This helps and accelerates the development of our businesses. But it does not stop presenting us with new challenges because applications and access to them are constant targets of increasingly advanced attacks. For a variety of reasons, users abuse and misuse the credentials required to access applications including password fatigue, password reuse, the use of simple passwords, and non-use of multi-factor authentication, etc.
Learn how F5 Access Policy Manager (APM) and Microsoft Azure Active Directory (AD) together address the authentication and security challenges presented by mission-critical, on-premises, and custom applications. By integrating F5 APM and Azure AD, users can centralize user authentication (SSO) with a single, consolidated system for IT and network administrators to manage enhanced security and access policies. In turn, this integration enforces and centralizes modern and secure authentication policies for all applications, wherever they are located.

Securing APIs: The Key to Unlocking Digital Transformation

We will discuss how securing APIs are the key to driving adoption of digital transformation. The challenge of digital transformation is how to best secure foundational APIs. In this talk, we’ll cover how F5 is critical to securing digital transformation and introduce a lab in WWT's ATC showcasing how to secure APIs with OAuth 2.0.

Aggregator Management for Financial Institutions

Financial institutions are struggling to manage aggregators, which provide value-added services to customers yet also pose security and compliance risks. Learn how F5 provides solutions for financial institutions to manage aggregators and mitigate risks.

Distributed Cloud Load Balancing

What does application delivery look like when the load balancer is the size of the Internet? Come see new ways to connect applications to consumers, including cross-provider load balancing, seamless hybrid public-private-edge, and zero routing local consumption of remote services.

Discussion Forums

The DevCentral Forum

We're the DevCentral Community—ask us anything! Agility is about upcoming solutions and how-to content but it’s also about getting together with old pals and we thought it would be fun to have an open AMA session for DC/Community fans to come and chat for bit. We’ve got new live streams, (will have) a new website, and will include the F5 Labs team too!

What's New with NGINX Controller Application Delivery Module

Check out all the latest and greatest developments for NGINX Controller Application Delivery Module. We'll showcase the new features and show you why it's the ideal solution for holistic, simplified, app-centric management of your NGINX app delivery and security services and the apps that they support.

Secure Your Service Provider Network and Users Today and Into the Future

This discussion will be a walkthrough of threats and security solutions for a service provider network and your customers. We’ll examine security solutions that span fixed-line, 4G, and 5G with deployment options that can address performance and scale with CapEx and OpEx savings. Also, we will look into the future of F5’s Cloud-Native Network Functions.

Proactively Understanding Your Application's Vulnerabilities

Apps are at the heart of today's increase in security breaches. Bad actors don't discriminate—they actively target every industry and vertical. Applications are the foundation of how we live, work, and interact with our co-workers, employees, and customers. Although companies are placing a tremendous focus on application security, severe gaps still exist regarding visibility, understanding, organization, and knowledge of where to apply attention and resources. The first step in approaching application security is understanding the app landscape, its vulnerabilities, and potential attack surface. By understanding this, you can begin mitigation strategies and prioritize remediation efforts. CompuNet will also walk through their methodology to meet customers’ application security needs.

Learn How to Talk Like You Understand Kubernetes

With the invention of Kubernetes came a host of new concepts and tools, particularly around networking and traffic management. In particular, Ingress controllers and service meshes did not exist prior to the Kubernetes era. Nor were Layer 4 and Layer 7 protocols and traffic typically managed from the same control plane. In this session, we'll provide a "translation guide" for these new concepts and tools so you can have meaningful discussions with your leaders and teams.

Journeys (Part 3): BIG-IP Upgrade Live Discussion Forum

In this live discussion forum, a panel of F5 specialists will be on deck to answer any questions you may have around the process of upgrading your BIG-IP instances.

Modern Application Ecosystems

As you “shift left” into a more modern application architecture, you will find yourself in the middle of a vast and complex ecosystem. When there are multiple solutions to every problem, how do you make the “right” choice? In this panel, we’ll discuss some of the key considerations that need to be kept in mind when it comes to making these decisions. Join us to hear real life examples of how these decisions are made and how they can backfire on you.

The F5 Portfolio and Red Hat OpenShift

This session will review how F5 technologies seamlessly integrate into an OpenShift deployment to make it secure, scalable, and available. We will review the value that the entire F5 portfolio—software, hardware, and SaaS solution—brings to a production grade Kubernetes deployment with OpenShift.

We’ll cover:
  • How to protect and load balance microservices apps in an OCP deployment with F5 NGINX
  • Integrating security into CI/CD pipelines
  • Using automation and telemetry to mitigate security threats in real time on an OCP deployment with minimal intervention
  • Multi-cloud networking and security with OpenShift on the Hyperscaler platforms (ROSA, ARO)
  • Providing a hardened, flexible, multi-cluster deployment using the principles of Site Resiliency Engineering (SRE)

We will conclude this session with some demo videos on how to address the above use cases.

Breakout Sessions

Journeys (Part 2): F5's Tips, Tricks & Tools to Help You Keep Your BIG-IP Fleet Up-to-Date

Following “Journeys Part 1,” in this session we'll get more technical and take a closer look at some of the tools, services, and guidance F5 has delivered to help make your BIG-IP upgrades as seamless as possible.

How to Balance Privacy and Security Handling DNS over HTTPS

DNS: the Internet standard that we don’t tend to think about until it breaks. In the last year, DNS failures have been responsible for some of the largest Internet outages. And with DNS over HTTPS (DoH) becoming the standard for many browsers and some smartphones, there’s even more potential for DNS failures due to organizations’ lack of visibility into DNS traffic when encrypted. If your organization has no way to gain visibility into encrypted DNS traffic, DoH could be masking malware, or could be rogue traffic being obfuscated by DoH, and could also reduce your ability to enforce policy on traffic.
In this session, we’ll discuss how you can use SSL Orchestrator to detect rogue instances of DNS over HTTPS in your environment, and either block, log, blackhole, or even reroute the traffic to BIG-IP DNS so that you’re able to regain control of the traffic.

Production Ready Kubernetes with SUSE Rancher and NGINX

As more Kubernetes workloads move to production across hybrid deployment models, companies are continuing to look for ways to simplify, scale, and secure those deployments. Now with the SUSE Rancher partnership, certification of our NGINX Plus Ingress Controller, and NGINX App Protect and NGINX Service Mesh being on the Rancher Apps and Marketplace, we’re empowering users and customers to deploy Kubernetes in production with the most widely used, production ready platform and ingress solution in SUSE Rancher and NGINX.
Join this session to learn how to simplify, scale, and secure your Kubernetes deployments for production with SUSE Rancher and NGINX.

Simplify Operation of Your 5G Core with Intelligent Signaling

Deploying a 5G core is difficult, but operating a 5G core is even more challenging. The Service Communication Proxy (SCP) is the intelligent nerve center that simplifies the operation of a 5G core. Explore the operational benefits of an SCP and find out why including support for legacy 4G signaling is critical to a smooth 4G to 5G transition.

Cisco ACI and F5 BIG-IP Infrastructure as Code with Terraform

Provisioning and configuring multi-layer infrastructure, networking, and application services is daunting and time-consuming. Cisco, F5, HashiCorp have partnered to enable developers and site reliability engineers (SREs) to automate multi-cloud application delivery to improve time to value through the improved speed of deployment cycles and lowered complexity.

In this session, you’ll learn how to use Terraform to automate the infrastructure workflow. We’ll cover:
  • Infrastructure as code best practices
  • How previously point-and-click infrastructure deployments (Cisco ACI networking and F5 BIG-IP application services) can be specified in declarative source-controlled files
  • Verified, developer-friendly Terraform workflows that combine the power of Terraform, Cisco ACI, and F5 BIG-IP

Quick Hits

Unearthing Ransomware Infections in Cloud Databases Used for Modern Applications

Attackers are targeting cloud databases used for modern applications to subvert the integrity and confidentiality of the stored data. Databases such as MongoDB, Elasticsearch, etc. are being infected with ransomware and exploited in the wild to conduct data exfiltration and data destruction. In this talk, we present a threat landscape of ransomware infections in cloud databases deployed for modern applications. This talk unveils techniques for detecting ransomware by practically demonstrating the detection of real-world infections using developed tools and equips threat researchers and penetration testers to build threat intelligence to secure apps at scale.

Discover a UI for Declarative WAF Policy Configuration

Declarative WAF policy configuration requires heavy documentation reading and manual JSON tinkering. Discover a web-based tool that aims to simplify declarative policy configuration and the transformation experience.

WWT and F5: Delivering the Future of Secure Multi-Cloud Applications Today

Join this session where we’ll discuss how WWT is leveraging F5 to drive customer ability to deliver secure applications no matter where the apps live or the development style used. We’ll explore how F5's technology and WWT's expertise and ATC work together to develop secure application architectures.

Augmenting BIG-IP VE Performance and Lowering TCO via SmartNIC Offload

The pace of app migration and creation within cloud and virtualized environments continues to accelerate across every industry and region, as companies are lured in by the promise of enhanced agility, greater architectural flexibility, and lower costs. Transitioning to a software-first strategy often has a performance cost, however, with organizations sacrificing the power and performance of in-house, purpose built appliances in favor of virtualized solutions running on general purpose COTS servers. By integrating BIG-IP VE with an Intel FPGA-enabled SmartNIC, users can now offload compute-intensive functions such as DDoS mitigation, CGNAT, and L4 traffic management from their BIG-IP VE to the high performance SmartNIC, yielding considerable performance improvements, CPU savings, and cost reductions in the process. In this session, we'll provide an overview of BIG-IP VE for SmartNIC solution and its use cases, as well as a short demonstration.

Distributed Cloud Account Protection Analyst Station

F5 Distributed Cloud Account Protection is a fraud solution based on rich behavioral signals and machine learning. Learn how the Analyst Station for Distributed Cloud Account Protection provides the ability to investigate and manage instances of fraud.

Discussion Forums

Guide to Adopting Kubernetes

Kubernetes is seen as a core component of most modern app delivery strategies because it helps organizations deliver apps faster with more agility and avoid costly downtime. But adopting Kubernetes is far from easy for organizations with a history of delivering 3-tier apps. How do you know which apps to refactor vs building net new? What kinds of processes and tools can help you avoid common challenges around security and complexity? In this session, our Kubernetes panel will address these common concerns and field questions from the audience.

Making Sense of Zero Trust: What’s Required Today and What We’ll Need Tomorrow

The zero trust approach of “never trust, always verify” is critical as the threat landscape is more targeted and advanced. But what’s really necessary in today’s zero trust architecture and how can it best be implemented? While many vendors are bringing zero trust network access solutions to market focused on securing users and devices, is that enough?
Join us to discuss what it means to have a holistic zero trust approach and the gaps in security that must be overcome to be successful. Learn more about F5’s vision for extending zero trust access to users and devices (including ZTNA products) and how we can go beyond that to embed zero trust within the very fabric of the business ecosystem (workload, service, server, network and API).

How Cyber Criminals Think

Join us for a discussion with Dan Woods, ex-law enforcement and current VP of the Shape Intelligence Center. We’ll host an open chat with Dan about some of the things he has seen across his long and varied career in cyber security.

Breakout Sessions

Are You Ready for a Service Mesh?

Service mesh is the hot technology featured at just about every cloud-native conference, but do you actually need one and is your organization ready? We'll share a 6-question checklist that will help you determine readiness and whether your organization will get value from adopting a mesh.

Increase Revenue by Removing Login Friction in E-Commerce

In the hypercompetitive digital market, consumers have many choices at their fingertips—the ability to quickly login, research, and transact is a key competitive advantage. But for typical B2C web applications, up to 30% of legitimate users struggles to successfully login. Friction in login immediately converts to loss in revenue. In this session, we’ll explore the tension between friction-free consumer experiences and application security that can lead to less than ideal choices that directly impact business outcomes.

Quick Hits

BIG-IP APM + Microsoft Azure Active Directory for Stronger Cybersecurity Defense

Securing today’s user-centric business network requires zero trust, but what controls are needed to best enable that approach? No security product alone enables a zero trust model; it requires seamless integration among key security solutions to drive access informed by “never trust, always verify,” leveraging fine-grained security analysis of your full business environment and users.
Learn how BIG-IP APM and Microsoft Azure Active Directory integrate to enable a zero trust app access architecture. In this session, you’ll see how this integration results in seamless app access to any application, regardless of location and authentication, and how that simplifies zero trust implementation. Additionally, through BIG-IP APM’s Identity Aware Proxy, you gain a single point of control for deploying conditional access, role- and attribute-based policies across all your apps—legacy or modern. Showcased capabilities include continuous monitoring of devices, risky user analysis and conditional access.

[Demo] Discover and Secure APIs Anywhere Using F5 Distributed Cloud Web App and API Protection

Businesses need to maintain and evolve their traditional APIs, while simultaneously developing new ones using modern architectures. Learn how you can dynamically discover, secure, and observe APIs anywhere using F5 Distributed Cloud Web App and API Protection.

Holy Grail of Retail: Passwordless

Modern application experiences offered up from global brands like Amazon, Uber, and DoorDash have provided easy consumer identity authentication and access while not sacrificing security. This new approach to Customer Identity Access Management (CIAM) uses continuous authentication or "passwordless" which results in long term sessions so that legitimate consumers can use their favorite apps for extended periods of time without being unnecessarily interrupted with MFA requests. This results in huge benefits to those that employ it.

In this session, we’ll answer questions like:

  • How do modern retailers do this?
  • What are the risks?
  • How can you work with F5 and key partners to adopt this strategy for your modern customer facing application?