F5 has unveiled a new set of security capabilities designed to protect modern applications and APIs in increasingly complex digital environments. Integrated into the F5 Application Delivery and Security Platform (ADSP), these innovations combine intelligent threat protection, zero trust access controls, and crypto-agile architecture. As organizations continue to adopt AI-driven applications and hybrid cloud infrastructures, these enhancements aim to help enterprises secure distributed systems while also preparing for emerging post-quantum cybersecurity challenges.

Modern enterprises are rapidly expanding applications across data centers, hybrid multicloud platforms, and edge environments. Consequently, security teams must respond faster to evolving threats that target these distributed systems. To address this challenge, F5 has embedded AI-powered security features directly within its platform, enabling automated risk-based protection and improved threat detection. These capabilities reduce operational overhead while helping security teams move more efficiently from identifying vulnerabilities to implementing active defenses.

Cyber Technology Insights: F5 Enhances App Delivery and Security with API Discovery and Upgrades

“Security teams do not need more alarms. They need fewer gaps,” said Kunal Anand, Chief Product Officer at F5. “ADSP closes the loop from finding risk to enforcing protection. That includes moving from identified AI model vulnerabilities to validated runtime guardrails, AI-powered risk scoring, and a practical path to zero trust and post-quantum readiness. The point is simple: move faster while reducing your threat landscape.”

One of the key innovations is F5 AI Remediate, which bridges the gap between identifying AI model vulnerabilities and deploying runtime protections. Working alongside tools such as AI Red Team and AI Guardrails, the solution automates the creation, optimization, and validation of targeted guardrail packages. As a result, security teams can deploy evidence-based protections into production environments faster while maintaining human oversight. This approach allows organizations to reduce exposure to threats without disrupting live AI workloads.

Additionally, the latest F5 Distributed Cloud Web Application Firewall (WAF) introduces AI-powered risk scoring to automate previously manual security processes. Through outcome-based blocking policies, security teams can detect and stop threats more quickly while maintaining low false-positive rates. These enhancements also strengthen the company’s Web Application and API Protection (WAAP) capabilities, enabling consistent protection across hardware appliances, cloud services, SaaS platforms, and containerized environments.

Another major development focuses on addressing the growing risks associated with agentic AI systems, where automated AI agents interact directly with applications and services. Enhancements to F5 Distributed Cloud Bot Defense provide deeper visibility into application traffic, enabling organizations to distinguish clearly between humans, bots, and AI agents. Only trusted and verified AI agents can interact with applications, preventing malicious automation, impersonation attempts, and analytics manipulation that could harm businesses.

Furthermore, F5 has integrated Distributed Cloud Web App Scanning with BIG-IP Advanced WAF, allowing organizations to detect vulnerabilities through automated penetration testing and rapidly deploy virtual patches. This integration significantly reduces the time required to identify threats and respond to potential exploits.

Cyber Technology Insights: F5 and CrowdStrike Partner to Deliver AI-Powered Security for BIG-IP

Beyond application security, F5 is also strengthening identity and access protection. The company is evolving BIG-IP Access Policy Manager (APM) into BIG-IP Zero Trust Access, expanding zero trust application access capabilities across hybrid and multicloud environments. Unlike many SaaS-based solutions, this system supports continuous identity- and context-aware policy enforcement across modern, legacy, and cloud applications. With per-request validation and support for Identity Aware Proxy, SSL VPN, and IPsec VPN, organizations can adopt zero trust frameworks without disrupting existing architectures.

In addition, the platform introduces enhanced API discovery and security features through F5 Distributed Cloud API Security. These updates include out-of-band API discovery across multiple data planes such as BIG-IP, NGINX, Kong, and Apigee. F5 is also launching a deployable API security solution designed for air-gapped and highly regulated environments. This enables organizations to maintain complete API visibility while meeting strict compliance and data sovereignty requirements.

Finally, F5 is advancing its leadership in post-quantum cryptography (PQC) readiness. Through crypto-agile architecture and support for hybrid TLS cipher groups, the company enables organizations to begin adopting quantum-resistant security today while remaining compatible with existing cryptographic systems. This approach allows enterprises to prepare for the eventual arrival of quantum computing threats without disrupting current operations.

Collectively, these updates reinforce F5’s strategy of delivering unified security and application delivery capabilities through a single platform. By integrating AI-driven protection, zero trust access, API security, and post-quantum readiness, the company aims to help organizations secure modern applications while simplifying complex cybersecurity operations across hybrid and multicloud environments.

Cyber Technology Insights: F5 to Acquire CalypsoAI to Bring Advanced AI Guardrails to Large Enterprises

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com