Is it May already? Did you enjoy your ‘May the Fourth’ along with ‘Revenge of the Sixth’? For me, May is filled with a bunch of family holidays along with Mother’s Day, of course. May also falls perfectly for our 5th installment of the #DC Chronicles. If you missed our initial issues of the DC Chronicles, you can catch up with the links at the bottom. The Chronicles are intended to keep you updated on DevCentral happenings and highlight some of the cool content you may have missed since the last issue. Welcome!
We’re only 3 months away from #F5Agility18 in Boston, August 13-16! You can hang out with the DevCentral team and many MVPs will also be in attendance to share their expertise. Our team is prepping some sessions and look forward to socializing with the community. Get the details here and now’s the time to register for F5 Agility 2018 and lock in your labs and sessions. Also, Early Birds get $300 off the registration fee Through May 18!
If you haven’t heard, BIG-IP Cloud Edition is will be available soon! BIG-IP Cloud Edition is built by tightly integrating BIG-IQ Centralized Management and BIG-IP Per-App VEs to deliver advanced application services and management. You can autoscale, offer self-service management for app owners, and per-app analytics. We got a couple cool pieces covering Cloud Edition: Chase’s Skies Never Looked So Good With BIG-IP Cloud Edition where he explains all the pieces of the pie and also check out Jason’s Lightboard Lessons: BIG-IP Cloud Edition Overview.
We also dropped a couple other #LightBoardLessons for your viewing pleasure covering some of our new Security solutions. John lights up the DDoS Hybrid Defender and introduces us to the new F5 Advanced WAF. DDoS Hybrid Defender offers comprehensive DDoS threat coverage in a simple, dedicated appliance with native, cloud-based scrubbing services and the awesome Advanced WAF protects against the latest attacks using behavioral analytics, proactive bot defense, and application-layer encryption of sensitive data. Couple of cool tools to help mitigate internet threats.
Mitigate threats you say? There will always be vulnerabilities in the wild and depending on the type of threat, we’ll typically have some mitigation techniques to share. Our SIRT (Security Incident Response Team) folks are always examining the murk out there and sharing insights. This past month is no different with mitigation techniques for Remote Code Execution with Spring Data Commons (CVE-2018-1273), Directory Traversal with Spring MVC on Windows (CVE-2018-1271) and the Drupal Core Remote Code Execution (CVE-2018-7602). In a few cases, BIG-IP ASM customers were already protected by the existing signatures!
As we wrap up this edition, we’d also like to point out @GrahamAlderson‘s new video series AppSec Made Easy with examples for Anti-Bot for Mobile APIs, Proactive Bot Defense, L7 Behavioral DoS and a couple more this week. And we’d be remiss if we didn’t call out Bank of America’s Jai Kumar as our Featured Member for May!
*** This is a Security Bloggers Network syndicated blog from psilva's prophecies authored by psilva. Read the original post at: https://psilvas.wordpress.com/2018/05/08/the-devcentral-chronicles-volume-1-issue-5/