A Makeover for DevCentral.
UPDATE: This maintenance has been moved to Jan 24th starting at approximately 8AM Pacific time. --- DevCentral Community, TL;DR - I am announcing some updates coming to the DevCentral community website in a few days - January 17th.24th. This is a mid-sized reboot, some upgrades that we expect will make our online environment a bit nicer to use now and enable more epic-ness to come. ***This update WILL include a maintenance downtime of up to 6 hours starting around 8AM PT (-8 UTC).*** A huge shoutout. I speak for everyone on our team when I say the DevCentral community rocks! We on the DevCentral team are inspired and motivated by your creativity and willingness to share. The depth of your capabilities and the mutual respect you have for individual learning never ceases to amaze. Asyou, collectively, work through increasingly complex problem-spaces we are always working to support your progress. Our recent observations and your suggestions have been buzzing in our ears for several months and so the changes you'll see soon represent next steps for what we think will make your DevCentral community truly exceptional. An updated UI is just the start. Interface updates will be the most obvious, but these are evolutionary rather than revolutionary - a paint job and some new tech. The new tech includes a simpler set of stylesheets, more configurable page templates, some advanced features in the editors, and an overall reductive approach to some historical bloat. One of my design tenets is best summarized as comfortably information dense. DevCentral is a functional website, mostly used during your workweek, and we are looking to strike a balance between engaging with the content quickly and easily (e.g., less scrolling and more filters) without getting eyestrain or needing to know where you are on the site. I'll get into a bit more detail next week and after we launch, I expect to produce some guided walkthroughs you can use to discover some gems. If you are coming to AppWorld in San Jose in February - be sure to stop by our booth and look me up - I can give you a personalized tour.Mention this article and I'll be forced to find some special swag for you too!😎 Wait. Did you say "reductive"? Yes. In a world where everyone backs up everything a subtractive mindset seems nutty. I'm no expert (case-in-point, the length of this announcement) but I embrace the subtractive sentiment and as such I have been ruthless about driving this upgrade for a host of reasons and that *may* have come at the expense of some existing features. Some things won't be present at launch (like Badges and Event calendars) but on-balance I'm sure we will be better off. That said, if something you love disappears - let me know in a comment, in a DM, or on the Suggestions page. I can't promise everything, butI do promise my level-best and that everything is done with intent: sharing valuable and useful technical information with you. Temporary Outage Most important, for now, is to plan for a short outage the morning of Jan 17th approximately 8AM Pacific Time (-8H UTC) for up to about 6 hours. Next: A reminder on Monday, Jan 15th 🚀519Views8likes7CommentsMay the Fourth and Security Trivia on DevCentral with a Chance to Win Prizes
DevCentral is hosting two trivia games to celebrate National Password Day AND May The Fourth (Star Wars Day). Come show off your Star Wars security, password security, and F5 security knowledge in this live event hosted by the DevCentral team and some special guests. There will be three rounds of questions during this hour, with prizes for the winners of each round as well as one lucky random player per game. Get details on how to join by clicking on Option 1:8-9pm Pacific on Thursday, May 3 (7am in the UAE, 8:30am in Bangalore, 11am in Singapore, noon in Tokyo, 1pm in Melbourne and Sydney on May 4 th ) or Option 2:8-9am Pacific on Thursday, May 4(4pm BST, 5pm CET, 6pm EEST, and 7pm GST on May 4 th )838Views6likes1CommentHanging with DevCentral at RSA Conference 2023
AubreyKingF5andbuulamspent last week at RSA Conference 2023 in San Franciscoconnecting with security professionals and colleagues. And, of course, they filmed a lot of those talks to share with the community. Buu connected with Tanya Janca at B-Sides San Francisco, Jason Haddix (BuddoBot), and Joel Violette (IBM) who shares his thoughts on ChatGPT (AI was a hot topic this year across the board). Aubrey shared hisRSA Keynote takeaways, interviewed Alyssa Miller before her panel on CISO challenges, and connected with a ton of other organizations across the expo room floor. Also making an appearance:Scheff,Kyle_Roberts, and Cameron_Delanowho all shared insights from their conversations at the F5 booth. Check out the full playlist of RSA 2023 content here!564Views5likes1CommentThat's A Wrap From BlackHat 2022 - API Security, it's time to shine
We hit the road and we hit it HARD! Between the editing and interviews, it was hard to find a lot of time for sleep. This was a truly immersive experience, heading out there. Coming back to producing another show immediately, I've had some time to reflect on our trip to BlakHat USA 2020. There were some resounding themes, for sure. Firstly, it is an API world. If you look at the summary article of BlackHat 2022 announcements I talked about on DevCentral Connects yesterday, you see a trend: I am THRILLED to see the rest of the security industry finally taking an interest on the segment that we've led in terms of industry deployment numbers for 15 years. In 2007, TMOS 9.2.4 delivered an XML firewall to our customers - able to ingest a WSDL for schema baselines - that learned expected API usage over time like any other http delivered application. SOAP followed shortly, thereafter and, of course, REST shortly after that. This was just an evolution of WAF here at F5. Watching NGINX+ delivery of API gateways add on NGINX App Protect features with the F5 WAF engine showed me that we continue to value this level of API defense at every scale, as well. When I saw Gartner and other vendors starting to call the segment 'WAAP,' it bothered me a bit, as we at f5 have always understood WAF to encompass APIs. I really hope that we can capitalize on our pedigree in this space to deliver our customers the most reliable and scalable API Security solutions there are. Regarding the f5 booth,it's been a minute since I've been at a trade show for f5. The thing that stuck out the most for me was the lack of the term 'load balancing.' What I heard more of was 'API Security,' and 'Multi-Cloud Networking'. What struck me the most was that customers seemed to understand that multi-cloud was really our thing now, and I think that having partners like RedHat has helped us to be viewed as a software company, rather than a big iron vendor. This speaks volumes to our ongoing transformation and our ability to get that message out there. Kudos to our sales teams for really making that apparent. Be sure to follow us all on the socials for content, in addition to YouTube: DevCentral handles:https://www.linkedin.com/showcase/f5-devcentral/| https://twitter.com/devcentral Peter Silva: https://www.linkedin.com/in/psilvas/ | https://twitter.com/psilvas Buu Lam: https://www.linkedin.com/in/buulam/ | https://twitter.com/buulam Aubrey King: https://www.linkedin.com/in/aubreyking | https://twitter.com/aubreykingf5 Content summary: BlackHat USA 2022 Playlist:https://www.youtube.com/playlist?list=PLyqga7AXMtPPL3Xw0qrWO3sZnsbL4amP5871Views5likes1CommentSPECIAL DevCentral Connects - on Basic iControl Security
Basic iControl Security - DevCentral Connects Join JRahmandbuulamon May 12, 2022 at 8AM Pacific as they look at some common questions for people who are getting to know the BIG-IP iControl API. How To: * find out if you're using iControl * verify what queries are being run * Review the iControl logs and * restrict access to iControl Join our DevCentral Connects group to see show notes and get links to relevant articles.810Views5likes3Commentsit-sa Expo & Congress in Germany - DevCentral Visits
buulamis heading to it-sa Expo & Congress 2023 inNuremberg, Germany! Make sure to subscribe to the DevCentral Youtubechannel,and follow DevCentral and Buu Lam to get the latest updates from across the pond. And we'll be sure to update thispost,too. DevCentral Visitsit-sa Expo and Congress Secure Multi-Cloud Networking with Markus Hennig WebAssembly Support added to F5 NGINX Unit Using F5 for SSLO with the German Pension Fund Westcon to the rescue Daniel Wolf on what it means to be a leader in the community DevCentral Visitsit-sa Expo and Congress Buu Lam says hallo from Nuremberg as he heads to it-sa Expo and Congress, one of the biggest security conferences in Europe. F5 can be found at the Weston, Computacentre, and Magellan booths. Stay tuned for more from it-sa, including Markus Hennig's talk, a live hacking demo, and more. Secure Multi-Cloud Networking with Markus Hennig Markus Hennig, F5 Distributed Cloud Services Specialist, talks secure multi-cloud networking at it-sa Expo and Congress 2023. IT security needs are global at a high level--everyone needs automation and flexible deployment options. Markus shares additional regional insights on local security adoption and prioritization. WebAssembly Support added to F5 NGINX Unit Timo Stark, Principal Technical Product Manager at F5 NGINX (and Docker Captain) talks about the new WebAssembly support added to NGINX Unit. Using F5 for SSLO with the German Pension Fund Alexander Müehleck and Oliver Tönnies from the German Pension Fund Network Infrastructure and Security Gateway team talk about their long-term experiences with F5. Most recently, they implemented an SSLO solution across multiple sites that provides outbound security services for their 60,000 users. One big benefit: flexibility--being able to switch seamlessly back and forth between their data centers enables them to do maintenance easily. Westcon to the rescue Buu Lam interviews Robert Jung (Westcon Managing Director for DACH and Eastern Europe region) about how Westcon enables F5 partners to get more value out of their products via training, go-to-market strategies, financing, and more. Robert also shares insights on what he sees in the security business regionally. Daniel Wolf on what it means to be a leader in the community Daniel_Wolf, Security Solutions Engineer at Controlware GmbH, is well-known in the DevCentral Community! Buu Lam meets up with Daniel IRL and gets the story behind his motivations to become DevCentral MVP.1.3KViews4likes0CommentsDevCentral Visits BlackHat 2023 !!!
Once again,is headed to BlackHat in Las Vegas! Find the F5 Booth at Black Hat: A talk with Kara Sprague, Chief Product Officer at F5 Bots, AI, and Social Engineering with Dan Woods at Black Hat 2023 Quantum Cryptography with Keyfactor at Black Hat 2023 Check out PQC Labs educational resources here! MazeBolt's RADAR Dashboard Fighting security alert fatigue with Stellar Cyber App and Security teams working together with Venafi The API security journey with WWT Until next time, Black Hat! Once again,buulamis headed to BlackHat in Las Vegas! He's super-excited to hit the ground in the desert to meet up with the community and some F5 partners! He'll be bringing the experience back to you, right here, so bookmark this article for all the latest news! Find the F5 Booth at Black Hat: Looking for theF5Booth?Here it is! Check out the prize vending machine, Lego give aways, and the new Frankenstack plushies. 🎁 If you're at the show, keep your peepers peeled 👀 forbuulamwhowould love to say "hi!" A talk with Kara Sprague, Chief Product Officer at F5 Buu Lam talks with F5 Chief Product Officer Kara Sprague about F5 solutions, particularly around APIs and Multi-Cloud Networking, and what's in store for the future. 00:30 - What does the role of Chief Product Officer entail? 01:30 - Why API security has suddenly become so important in recent years? 03:40 - The exponential increase in API sprawl. 04:11 - Multi-Cloud Networking growth as a use case. 05:45 - F5 being able to deliver security embedded within Multi-Cloud networking architecture. 06:30 - What does the future hold for F5? Bots, AI, and Social Engineering with Dan Woods at Black Hat 2023 Buu Lam talks with Dan Woods (Global Head of Bot and Risk Management at F5) about bots and AI bring used to create social influence and enhance the damage of social engineering. 00:45 - Ticket bots and Sneaker bots 01:46 - Are businesses actually trying to fix this? 03:10 - Bots and AI being used to create mass social influence 06:10 - AI being used to greatly enhance the damage of social engineering Quantum Cryptography with Keyfactor at Black Hat 2023 Ted Shorter from Keyfactor talks about post-quantum cryptography, its impact, and how organizations can stay ahead of the curve. 00:40 - Post-Quantum Cryptography 01:00 - KeyFactor's PQC Lab: an educational resources 02:20 - Strategies for thriving in a post-quantum world Check out PQC Labs educational resources here! MazeBolt's RADAR Dashboard Matthew Andriani (Founder and CEO of MazeBolt) walks us through a demo of MazeBolt's RADAR dashboard--showing how vulnerabilities can be remediated, then re-checked with updated results within 5 minutes. Fighting security alert fatigue with Stellar Cyber SOC teams face alert fatigue and the burden of so many tools. Stephen Salinas shares how Stellar Cyber uses AL and ML to reduce the noise. This allows security analysts to use information gathered across all their security tools to reach conclusions quickly. For more coverage from Buu Lam at #BlackHat, check out the DevCentral overview here: https://community.f5.com/t5/devcentral-news/devcentral-visits-blackhat-2023/ta-p/319253 App and Security teams working together with Venafi Teamwork makes the dream work. Paul from Venafi sees app and security teams coming together to resolve conflicts by reaching the outcomes they want without getting in each others way. The API security journey with WWT Where are you at in your API security journey? David and Clint from WWT share their perspective, their education-focused engagement with customers, the importance of real world scenario training. Until next time, Black Hat! That's a wrap for DevCentral at Black Hat 2023! Buu Lam shares some takeaways and observations: API security dominating discussions Hybrid and Multi-Cloud is the new norm Frankenstacks are cool, look for them at future events3.4KViews4likes0CommentsThat's a Wrap! DevCentral Visited: GovWare 2022
A couple months ago, I was asked to attend GovWare, in Singapore. Ignorant to events outside of North America, I was surprised to find out this was an event that attracted 10,000+ attendees from all around Asia and was in fact, Asia's largest Cyber Security conference! Held in the famous Marina Bay Sands Expo and Convention Center, this event was bigger than I imagined and busier than I'd experienced otherwise, all year. What made the difference here was the people. The show floor was extremely energetic with people willing to learn. The talk tracks had some of the worlds brightest talents on stage. F5 even sent our very own Joel Moses, Distinguished Engineer and CTO of Platforms and Systems, as well as Dr. Aditya K. Sood, Senior Director of Threat Research and Security Strategy - 2 folks from our Office of the CTO who are some very bright thinkers. I set out to determine what are some differences in Cyber Security in Asia. In fact, I asked this of nearly everyone I met. Most replied that its not that different. If anything, I just heard amplified messages from earlier this year. API security is a real concern. Enabling security for app developers is a priority so that they can focus on code. One topic that was discussed more than I'd heard before is interesting edge computing use cases. Not just standard compute, but AI/ML use cases and security use cases. So basically, everything is the same, but different😄 Of course, I created much content for everyone to follow along. In case you hadn't seen it all, I'll link a playlist with everything (over 20 videos) if you'd like to binge. But I'll also list some of my favorite pieces directly, as well! 🎥 DevCentral Visits: GovWare 2022 - Full Playlist🎥1.6KViews4likes1Comment