F5 Labs

Broken API authentication is leading to avoidable security incidents and unusual impacts. Learn what you can do to control the risk.

Website logins are under constant assault, with attackers quickly modifying their bots to evade simplistic defenses.

Website logins are under constant assault, with attackers quickly modifying their bots to evade simplistic defenses.

Hackers are increasingly turning to data manipulation to accomplish their goals - accessing your data and compromising integrity. F5 Labs' Shahnawaz Backer writes for Businessworld, describing some of the common scenarios and controls to protect yourself.

F5 Labs summer intern describes her experiences building a Python-based HTTPS scanning library for security research and release as an open source tool.

F5 Labs summer intern describes her experiences building a Python-based HTTPS scanning library for security research and release as an open source tool.

As cybercriminals continue trying to break into applications using legitimate channels, digital identity is a growing target. Learn what digital identity is and the attack methods fraudsters employ at every stage of the identity life cycle.

As cybercriminals continue trying to break into applications using legitimate channels, digital identity is a growing target. Learn what digital identity is and the attack methods fraudsters employ at every stage of the identity life cycle.

As organizations make more of their APIs publicly available, it’s important they understand the potential risks of data exposure and establish best practices for securing all APIs.

As organizations make more of their APIs publicly available, it’s important they understand the potential risks of data exposure and establish best practices for securing all APIs.

APIs have become critical for business online, but they are also leading to more security incidents, most of which should have been preventable.

Securing APIs demands a new approach. See what we can learn from API incidents and where to begin.

How to shift from firefighting to fire suppression.

How to shift from firefighting to fire suppression.

COVID-19 has changed our business operation models, and attackers have been adapting quickly. Shape's Dan Woods writes for ITProPortal, describing the emerging trends and how different industries need to adapt.

F5 Labs has released a new open-source tool to check for HTTPS misconfigurations of public and internally hosted HTTPS websites.

F5 Labs has released a new open-source tool to check for HTTPS misconfigurations of public and internally hosted HTTPS websites.

Cred stuffing isn't going away. Shape's Jarrod Overson writes for InformationSecurityBuzz, examining the ROI of cred stuffing for attackers, and the evolution to "imitation attacks".

Understanding what APIs are, the role they play in modern apps, and the potential risks they pose to organizations.

Understanding what APIs are, the role they play in modern apps, and the potential risks they pose to organizations.