F5, a global leader in application delivery and security, introduced a new set of advanced security capabilities at AppWorld aimed at protecting modern and AI-driven applications. Through these updates, the company strengthened its F5 Application Delivery and Security Platform (ADSP), bringing together intelligent threat protection, zero trust access controls, and crypto-agile architecture. As a result, enterprises can better secure distributed applications while also preparing for emerging post-quantum security challenges.
“Security teams do not need more alarms. They need fewer gaps,” said Kunal Anand, Chief Product Officer at F5. “ADSP closes the loop from finding risk to enforcing protection. That includes moving from identified AI model vulnerabilities to validated runtime guardrails, AI-powered risk scoring, and a practical path to zero trust and post-quantum readiness. The point is simple: move faster while reducing your threat landscape.”
AI Authority Trend: F5 Enables Faster, Secure AI Deployments on Red Hat OpenShift
AI-Driven Protection for Modern Threats
As organizations increasingly scale applications across data centers, hybrid multicloud infrastructures, and edge environments, the need for faster and more intelligent security responses continues to grow. To address this challenge, F5 has embedded AI-powered protection features within the ADSP. These capabilities automate risk-based web application firewall (WAF) processes, enabling enterprises to improve threat detection while significantly reducing operational complexity.
Moreover, F5 introduced F5 AI Remediate, a new feature that bridges the gap between identifying AI model vulnerabilities and enforcing effective runtime protections. The solution works alongside F5 AI Red Team and F5 AI Guardrails to accelerate response times. By automating the creation, optimization, and validation of targeted guardrail packages, AI Remediate allows security teams to deploy evidence-based protections quickly, while still maintaining human approval processes. Consequently, organizations can strengthen AI security without interrupting live AI applications or workflows.
In addition, the latest update to F5 Distributed Cloud WAF brings AI-powered risk scoring capabilities. This enhancement transforms traditionally manual security processes into automated defense mechanisms. With outcome-based blocking policies, security leaders including CISOs, SecOps, and NetOps teams can identify and block threats faster while maintaining low false positive rates. Furthermore, F5 Web Application and API Protection (WAAP) solutions reduce the need for signature-based tuning, allowing enterprises with large application portfolios to streamline their security management.
Strengthening Security in the Era of Agentic AI
At the same time, F5 is addressing emerging risks tied to AI-driven automation. The company enhanced F5 Distributed Cloud Bot Defense to detect and prevent threats such as analytics manipulation, automated abuse, and impersonation attempts created by AI agents.
Within the ADSP environment, this upgraded solution provides deeper visibility into application traffic. It can clearly distinguish between human users, bots, and AI agents. Only trusted and verified AI agents are permitted to interact with applications, ensuring that malicious automation is blocked while legitimate automated interactions remain functional. As a result, organizations can safely participate in the growing agentic commerce ecosystem while protecting business revenue from harmful automation.
Additionally, ADSP now integrates F5 Distributed Cloud Web App Scanning with F5 BIG-IP Advanced WAF, enabling automated vulnerability detection at scale. Security teams can perform automated penetration testing and deploy virtual patches quickly. This integration significantly reduces the time required to identify and respond to vulnerabilities while providing consistent security across hardware, software, and SaaS environments.
AI Authority Trend: F5 Strengthens Support for WWT’s ARMOR AI Security Framework
Advancing Zero Trust Across Hybrid Multicloud
Beyond AI security, F5 is also evolving BIG-IP Access Policy Manager (APM) into BIG-IP Zero Trust Access, reinforcing the company’s zero trust strategy. Unlike traditional SaaS-based zero trust network access solutions, BIG-IP Zero Trust Access enables hybrid zero trust operations with continuous identity- and context-aware policy enforcement.
Through per-request validation, the platform limits lateral movement within networks and enhances application security across cloud, SaaS, and legacy systems. It also supports multiple secure access methods, including Identity Aware Proxy, SSL VPN, and IPsec VPN, while operating on a platform ready for post-quantum cryptography (PQC).
Meanwhile, F5 expanded its Distributed Cloud API Security with new discovery and protection capabilities designed for modern hybrid environments. These updates include out-of-band API discovery across multiple platforms such as BIG-IP, NGINX, Kong, and Apigee. In addition, F5 introduced deployable API security software for highly regulated or air-gapped environments, enabling organizations to maintain full API visibility without relying on external connections.
Preparing for the Post-Quantum Future
Looking ahead, F5 continues to focus on long-term cybersecurity resilience. The company is strengthening its leadership in post-quantum cryptography readiness by introducing a crypto-agile architecture within the ADSP. By supporting hybrid TLS cipher groups, F5 ensures immediate quantum-resistant security while maintaining compatibility with existing cryptographic systems.
As organizations prepare for the eventual arrival of quantum computing threats often referred to as Q-Day F5’s platform allows them to adopt quantum-safe protections without disrupting current operations.
Collectively, these innovations reinforce F5’s vision of delivering unified application delivery and security across hybrid cloud, multicloud, edge, and on-premises environments.
According to Gartner, “Organizations should start by evaluating platform solutions first, and many will find that they need to combine a CDN, WAF or API threat protection solution with an API gateway. Again, the key is to look for existing platforms that can be extended or new platforms that offer significant combined capabilities across protection categories. This approach minimizes the number of moving parts and prevents ‘proxy overload,’ which can lead to excessive performance and availability risk.”
With its platform-based approach, F5 enables enterprises to simplify security operations while strengthening protection for applications and APIs across increasingly complex digital ecosystems.
AI Authority Trend: F5 Launches AI Guardrails and AI Red Team to Strengthen Enterprise AI Security
To share your insights, please write to us at info@intentamplify.com