F5 Labs

Stopping ransomware takes work—F5 looks at the defense techniques of user account management, network segmentation, and data backup.

The title of this report is not a typo. “The State of the State of Application Exploits in Security Incidents” is a meta-analysis of several prominent industry reports, each of which covers the state of application security.

The title of this report is not a typo. “The State of the State of Application Exploits in Security Incidents” is a meta-analysis of several prominent industry reports, each of which covers the state of application security.

Mutual Transport Layer Security (mTLS) allows two parties to authenticate each other during the initial connection of an SSL/TLS handshake.

Mutual Transport Layer Security (mTLS) allows two parties to authenticate each other during the initial connection of an SSL/TLS handshake.

Examining three breach and compliance failure cases under the New York Department of Financial Services’ 23 NYCRR Part 500 cybersecurity regulation.

Examining three breach and compliance failure cases under the New York Department of Financial Services’ 23 NYCRR Part 500 cybersecurity regulation.

A detailed examination of application risk and cybersecurity attack chains, broken down by sector.

A detailed examination of application risk and cybersecurity attack chains, broken down by sector.

From spoofing device fingerprints to hijacking authenticated sessions, attackers use a range of techniques to bypass multifactor authentication.

From spoofing device fingerprints to hijacking authenticated sessions, attackers use a range of techniques to bypass multifactor authentication.

MITRE ATT&CK, a framework that uniquely describes cyberattacks from the attacker’s perspective, is quickly being adopted by organizations worldwide as a tool for analyzing threats and improving security defenses.

MITRE ATT&CK, a framework that uniquely describes cyberattacks from the attacker’s perspective, is quickly being adopted by organizations worldwide as a tool for analyzing threats and improving security defenses.

A review of 2018-2020 cyberattacks at brokerages, investment funds, payment processors, and financial services organizations as well as API security incidents and open banking.

A review of 2018-2020 cyberattacks at brokerages, investment funds, payment processors, and financial services organizations as well as API security incidents and open banking.

A look at cybersecurity incidents at banks, credit unions, insurance companies, government-sponsored financial institutions, and stock exchanges.

A look at cybersecurity incidents at banks, credit unions, insurance companies, government-sponsored financial institutions, and stock exchanges.

The 2021 version of F5’s continuing analysis of the application security threat landscape explores ransomware, payment card theft, and account takeover.

The 2021 version of F5’s continuing analysis of the application security threat landscape explores ransomware, payment card theft, and account takeover.

A behind-the-scenes peek into the hidden world of human click farms.