Global WAF report underscores F5 as key player in web application firewall security
F5’s position as a dominant player in the Web Application Firewall (WAF) market has been underscored by its participation in ‘Global Web Application Firewall Market Research Report 2017 to 2022’, which presents an in-depth assessment of the WAF market including enabling technologies, key trends, market drivers and challenges.
The study includes a number of WAF manufacturers including F5, the specialist in application delivery networking technology for the delivery of web applications, as well as security and network and cloud resources. F5 was also named as a Leader in the Gartner Magic Quadrant report for 2017 for web application firewalls (WAF).
Simon McCullough, major channel account manager at F5, says, “This report, which combines a number of players in the global WAF industry, reminds us that, in an attack on applications, traditional network firewalls are not a defence – defence here, requires a separate strategy. The study’s research includes historic data from 2012 to 2016, as well as forecasts until 2022. F5 was very pleased to participate in this invaluable and informative report, in order to play our part in continuing to move this area of cybersecurity forward.”
Anton Jacobsz, managing director at Networks Unlimited, a value-added distributor of F5 in Africa, adds, “F5 takes pride in sharing research and knowledge, having previously sponsored the Ponemon Institute in order to present the 2016 report, ‘Application Security in the Changing Risk Landscape’. The purpose of the Ponemon study was to understand how today’s security risks are affecting application security. In total, 605 IT and IT security practitioners in the United States were surveyed on application security activities. The majority of respondents (57 percent) said that a lack of visibility in the application layer was preventing a strong application security.”
McCullough adds that in the Ponemon report, 63 percent of respondents say attacks at the application layer are harder to detect than at the network layer and 67 percent of respondents say these attacks are more difficult to contain than at the network layer. Key points from this research include the following:
- Lack of visibility in the application layer is the main barrier to achieving a strong application security posture.
- The frequency and severity of attacks on the application layer is considered greater than at the network layer.
- Network security is better funded than application security.
- Accountability for the security of applications is in a state of flux.
- Mobile and business applications in the cloud are constantly increasing, which is seen as significantly affecting application security risk.
- Ensuring developers understand secure coding practices could reduce application security risk.
- More testing of applications is needed, with only 14 percent of respondents saying that applications were tested every time the code changes.
- DevOps or continuous integration is believed to improve application security.
- Thirty percent of respondents say their organizations use WAFs as the primary means to secure applications.
- Sixty percent of respondents anticipate that the applications developer will assume more responsibility for the security of applications.