F5, Inc. unveiled significant enhancements to the F5 Application Delivery and Security Platform (ADSP). The latest updates focus on strengthening API discovery capabilities, improving threat detection, and optimizing network connectivity, underscoring F5's commitment to delivering unified visibility, security, and operational efficiencies across hybrid and multicloud environments. These updated capabilities are in the latest 7.0 release of F5 Distributed Cloud Services, marking a major update that strengthens visibility and offers greater control for protecting APIs.
The release reflects F5's continued innovation in Distributed Cloud Services and their growing importance in the F5 ADSP. Broader enhancements to the F5 ADSP include: Expanded API discovery and visibility: Broader and more flexible API discovery options help customers visualize hidden endpoints, sensitive data flows, and inconsistent controls across BIG-IP, NGINX, additional proxies/gateways, and even within air-gapped environments--all without rearchitecting applications or altering traffic paths. API discovery for BIG-IP, now generally available, enables out-of-band visibility across BIG-IPTMOS systems (v15.1+).
API discovery for NGINX and additional proxies/gateways--including NGINX OSS, NGINX Plus, Kong, and Apigee--is available in early access, and allows customers to unify inventory and analysis across heterogeneous environments. For regulated industries and customers with strict data sovereignty requirements, local API discovery, also available now in early access, can be deployed as an air-gapped option that brings the same visibility without sending any data to the cloud. Enhanced API testing and threat detection: On top of these new API discovery options, this release broadens the scope of API testing to address more vulnerabilities outlined in the OWASP API Top 10.
It introduces new and enhanced detection capabilities across critical threat categories such as API1 - Broken Object Level Authorization (BOLA), API2 - Broken Authentication, API3 - Broken Object Property Level Authorization (BOPLA), and API5 - Broken Function Level Authorization. These advancements empower organizations to accurately identify threats earlier, maintain a strong security posture in complex API ecosystems, and proactively prevent attacks and exploits. Bot Defense now offers tighter integration with F5's managed offerings, expanding self-service ability with native routing in the console to simplify onboarding.
This integration streamlines the entire setup process, allowing organizations to easily onboard applications and services for bot protection without complex configurations or additional overhead. The native console routing ensures that security policies can be quickly applied where needed, reducing the time and expertise required to secure digital assets. Investigations have been enhanced with advanced filtering rules using regex operators along with new filter options such as 'contains,' 'not contains,' 'starts with,' and 'ends with' to improve threat analysis and speed up resolution.
Operational improvements for cloud-native environments: Customers can now take advantage of new operational enhancements, including a modernized service discovery framework for Kubernetes and Consul environments. This upgrade allows organizations to efficiently map discovered services to individual tenants and apply robust, native role-based access control (RBAC). With BGP routing policies, enterprises now benefit from granular control over traffic flows using inbound and outbound route filtering and advanced customization options, while enhanced debug visibility accelerates troubleshooting and boosts operational assurance.
These enhancements make this release an important step forward for Distributed Cloud Services, solidifying their position in the F5 ADSP and supporting the company's platform strategy. Supporting materials: Blog: New 7.0 and New 7.0 release of Distributed Cloud Services: New 7.0 release of F 5 ADSP and their growing importance in the DSP.
