F5 Elevates Application Delivery and Security Platform with Comprehensive API Discovery and Application Delivery Enhancements

SEATTLE--(BUSINESS WIRE)--F5 (NASDAQ: FFIV) today unveiled significant enhancements to the F5 Application Delivery and Security Platform (ADSP). The latest updates focus on strengthening API discovery capabilities, improving threat detection, and optimizing network connectivity, underscoring F5’s commitment to delivering unified visibility, security, and operational efficiencies across hybrid and multicloud environments.

These updated capabilities are in the latest 7.0 release of F5 Distributed Cloud Services, marking a major update that strengthens visibility and offers greater control for protecting APIs. The release reflects F5’s continued innovation in Distributed Cloud Services and their growing importance in the F5 ADSP.

“APIs are everywhere, powering every connection across apps, users, and data,” said Kunal Anand, Chief Product Officer at F5. “With these new capabilities, we give organizations unified visibility and control over APIs—whether supported by F5 BIG-IP, F5 NGINX, or Distributed Cloud Services, or within air-gapped environments. We’re collapsing complexity, giving teams instant control over bot defense, cloud-native operations, and network connectivity, all in one platform. The result: enterprises can innovate faster, defend smarter, and scale anywhere, without compromise.”​

Broader enhancements to the F5 ADSP include:

Expanded API discovery and visibility

Broader and more flexible API discovery options help customers visualize hidden endpoints, sensitive data flows, and inconsistent controls across BIG-IP, NGINX, additional proxies/gateways, and even within air-gapped environments—all without rearchitecting applications or altering traffic paths.

API discovery for BIG-IP, now generally available, enables out-of-band visibility across BIG-IP TMOS systems (v15.1+). API discovery for NGINX and additional proxies/gateways—including NGINX OSS, NGINX Plus, Kong, and Apigee—is available in early access, and allows customers to unify inventory and analysis across heterogeneous environments. For regulated industries and customers with strict data sovereignty requirements, local API discovery, also available now in early access, can be deployed as an air-gapped option that brings the same visibility without sending any data to the cloud.

Enhanced API testing and threat detection

On top of these new API discovery options, this release broadens the scope of API testing to address more vulnerabilities outlined in the OWASP API Top 10. It introduces new and enhanced detection capabilities across critical threat categories such as API1 - Broken Object Level Authorization (BOLA), API2 - Broken Authentication, API3 - Broken Object Property Level Authorization (BOPLA), and API5 - Broken Function Level Authorization. These advancements empower organizations to accurately identify threats earlier, maintain a strong security posture in complex API ecosystems, and proactively prevent attacks and exploits.

Strengthened F5 Distributed Cloud Bot Defense capabilities

Bot Defense now offers tighter integration with F5’s managed offerings, expanding self-service ability with native routing in the console to simplify onboarding. This integration streamlines the entire setup process, allowing organizations to easily onboard applications and services for bot protection without complex configurations or additional overhead. The native console routing ensures that security policies can be quickly applied where needed, reducing the time and expertise required to secure digital assets.

These updates give customers greater control of bot detection policies and the ability to modify and deploy rules as needed. Organizations can tailor bot defense strategies to meet their unique threat landscapes, enabling rapid response to emerging attack patterns or business requirements. This empowers customers to stay ahead of evolving automated threats, ensuring continuous protection while minimizing false positives and operational friction. Investigations have been enhanced with advanced filtering rules using regex operators along with new filter options such as ‘contains,’ ‘not contains,’ ‘starts with,’ and ‘ends with’ to improve threat analysis and speed up resolution.

Operational improvements for cloud-native environments

Customers can now take advantage of new operational enhancements, including a modernized service discovery framework for Kubernetes and Consul environments. This upgrade allows organizations to efficiently map discovered services to individual tenants and apply robust, native role-based access control (RBAC). By improving isolation across namespaces and simplifying secure access management, these capabilities are essential for enterprises aiming to scale their cloud-native workloads with confidence.

Advanced networking enhancements

F5 Distributed Cloud Network Connect now includes expanded routing intelligence and seamless ecosystem integration. With support for external connectors and BGP routing policies, Network Connect extends connectivity by automatically creating secure tunnels to SD-WAN routers and third-party networking devices. With BGP routing policies, enterprises now benefit from granular control over traffic flows using inbound and outbound route filtering and advanced customization options, while enhanced debug visibility accelerates troubleshooting and boosts operational assurance.

Advancing F5’s platform strategy

These enhancements make this release an important step forward for Distributed Cloud Services, solidifying their position in the F5 ADSP and supporting the company’s platform strategy.

Supporting materials

• Blog: New 7.0 release of F5 Distributed Cloud Services accelerates F5 ADSP adoption
• Blog: Stay ahead of API security risks with our latest F5 Distributed Cloud Services release
• Blog: Latest release of F5 Distributed Cloud Bot Defense unlocks next-level features and enhancements

About F5

F5, Inc. (NASDAQ: FFIV) is the global leader that delivers and secures every app. Backed by three decades of expertise, F5 has built the industry’s premier platform—F5 Application Delivery and Security Platform (ADSP)—to deliver and secure every app, every API, anywhere: on-premises, in the cloud, at the edge, and across hybrid, multicloud environments. F5 is committed to innovating and partnering with the world’s largest and most advanced organizations to deliver fast, available, and secure digital experiences. Together, we help each other thrive and bring a better digital world to life.

For more information visit f5.com
Explore F5 Labs threat research at f5.com/labs
Follow to learn more about F5, our partners, and technologies: Blog | LinkedIn | X | YouTube | Instagram | Facebook

F5, BIG-IP, and NGINX are trademarks, service marks, or tradenames of F5, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.

Source: F5, Inc.