F5 Offers Free Vulnerability Assessment Scans In Partnership With Cenzic And WhiteHat Security

Program is designed to help enterprises accelerate adoption of Web application security best practices

July 9, 2012

5 Min Read


SEATTLE, JULY 9, 2012 – F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking, today announced a new program that offers enterprise organizations free application vulnerability assessment scans. In partnership with two leading dynamic application security testing (DAST) partners, Cenzic and WhiteHat Security, the F5® program makes it easy for customers to try vulnerability assessment services—with no commitment. The program is designed to help enterprises accelerate their adoption of web application security best practices with an automated, accurate, yet simple solution to protect business assets. To support customers that need assistance in scoping their web application security status and to establish a roadmap to mitigate exposures, F5® Professional Services is introducing the BIG-IP® ASM® Vulnerability Mitigation Assessment service.

“The CIOs and CISOs I meet with are chartered with driving more services online, but are extremely concerned about the security risks in today’s dynamic threat environment,” said Manny Rivelo, EVP of Security and Strategic Solutions at F5. “Yet, in many cases, enterprises do not execute an application security strategy because they do not have proof that their applications are vulnerable. With this offering of free vulnerability scans, F5 is making it easier to build the business case for enterprises to adopt a web application security plan and ensure their applications are safe and their brand is protected.”

Automation Simplifies and Strengthens Security

By testing and rapidly remediating vulnerabilities, organizations can dramatically reduce their window of exposure to security breaches through comprehensive assessments, strong web application firewall policies, and automated virtual patching. Seamless integration between the DAST vendor’s XML API and F5’s BIG-IP Application Security Manager TM (ASM) v11.2 make it convenient for IT staff to: (1) perpetually test and verify application vulnerabilities; (2) automatically mitigate vulnerabilities with a single click; and (3) verify the efficacy of the mitigation by leveraging the DAST vendor product’s testing infrastructure. This is accomplished all within the F5 ASM interface.

The new F5 Professional Services offering helps customers hone in on the vulnerabilities identified by the Cenzic Cloud or WhiteHat Sentinel assessments by delivering a vulnerability mitigation assessment report that outlines the recommended approach to remediate vulnerabilities.

Learn more about F5’s “Free Scan” offering and best practices in web application protection by attending an F5 Security Forum entitled “Is it Time to Rethink Security?” being held in cities across the Americas starting July 10, 2012. F5 security experts, along with Cenzic and WhiteHat representatives, will be discussing today’s security challenges and how to address them. F5 customers, prospects, and partners can find more details and register for a forum here.

Supporting Quotes

“We’re excited to be the first F5 partner to have a unique single-click application testing solution that can be initiated directly from the BIG-IP ASM GUI. This empowers customers to patch vulnerabilities almost instantaneously without waiting for days,” said John Weinschenk, CEO of Cenzic. “Further, with vulnerability scans provided by Cenzic that are tightly integrated directly from ASM, enterprises can both simply trial and provision a complete web application security solution that allows them to review assessment results and conversion of the detected vulnerabilities into ASM blocking policies.”

“Building on our long-standing partnership with F5, we are delighted to be a key provider in the F5 ‘Free Scan’ program and applaud F5’s efforts and intensified focus in highlighting the importance of application security in the enterprise,” said Stephanie Fohn, CEO of WhiteHat. “Leveraging F5’s application delivery controller and WhiteHat’s 100-percent verified assessment results is the right solution for customers seeking to maximize the effectiveness of a high-performance web application firewall. In our recent Website Security Statistics report, we revealed that web application firewalls could have helped mitigate the risk of at least 71-percent of all custom web application vulnerabilities identified in 2011.”


F5’s “Free Scan” offering has released with BIG-IP ASM version 11.2, which is available today. Customers have access to free 30-90 day vulnerability assessments from Cenzic and WhiteHat. Organizations that do not have BIG-IP ASM v11.2 may receive a free evaluation license by contacting their F5 representative or channel partner. The new F5 Professional Services offering, BIG-IP ASM Vulnerability Mitigation Assessment service, will be available in August 2012.

Additional Resources

· Vulnerability Assessment with Application Security — White Paper

· F5 BIG-IP ASM Vulnerability Mitigation Assessment — F5 Professional Services Offering

· Cenzic Application Security Trends — Report

· Cenzic Security Assessment — Free Offering for F5 Customers

· WhiteHat Website Security Statistics — Report

· WhiteHat Security Assessment — Free Offering for F5 Customers

About F5 Networks

F5 Networks, Inc., the global leader in Application Delivery Networking (ADN), helps the world’s largest enterprises and service providers realize the full value of virtualization, cloud computing, and on-demand IT. F5® solutions help integrate disparate technologies to provide greater control of the infrastructure, improve application delivery and data management, and give users seamless, secure, and accelerated access to applications from their corporate desktops and smart devices. An open architectural framework enables F5 customers to apply business policies at “strategic points of control” across the IT infrastructure and into the public cloud. F5 products give customers the agility they need to align IT with changing business conditions, deploy scalable solutions on demand, and manage mobile access to data and services. Enterprises, service and cloud providers, and leading online companies worldwide rely on F5 to optimize their IT investments and drive business forward. For more information, go to www.f5.com.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights