F5 launches post-quantum cryptography tools for secure future
With the ongoing development of quantum computing, longstanding cryptographic defences face new risks, as current algorithms may soon become vulnerable to attack. According to an assessment from Gartner: "The motivation for IT departments to adopt post-quantum cryptography is grounded in the fact that advances in quantum computing will make asymmetric cryptography unsafe by 2029. By 2034, asymmetric cryptography will be fully breakable with quantum computing technologies."
Quantum computing risk
The arrival of quantum computing requires a shift in traditional cybersecurity strategies. Malicious actors have begun to employ a "harvest now, decrypt later" approach, where they collect encrypted data today in anticipation of being able to decrypt it later when quantum computing power becomes available. This affects sensitive records, including user information, financial data, healthcare details, and intellectual property.
Transitioning to PQC is not a conventional system upgrade, but a structural change to cyber defences requiring careful planning and execution. Organisations attempting this without adequate preparation could be exposed to unplanned outages, operational disruptions, and compliance challenges—especially within hybrid or multicloud environments supporting a mix of legacy and modern systems.
F5's platform approach
F5's Application Delivery and Security Platform now integrates PQC readiness tools, supporting both application and API security. The platform is intended to equip organisations to secure systems and data without compromising performance or scalability, and is compatible with server-side and client-side encryption requirements across hybrid and legacy environments.
The company states its system supports a phased migration to quantum-safe encryption, allowing organisations to combine established and quantum-resistant methods. This approach is designed to provide interoperability, and options for gradual upgrades without disrupting ongoing business. "Post-quantum threats aren't a distant problem—they're a forcing function to modernise security now," said Kunal Anand, Chief Innovation Officer at F5. "Our platform makes PQC adoption practical so enterprises can future-proof their apps, APIs, and trust models without slowing down."
Features and capabilities
The new PQC solutions provide several stated benefits. These include cryptographic protection for data and intellectual property using algorithms standardised by NIST, end-to-end coverage from user devices to backend services, and support for high availability. The solution is also said to include a unified management dashboard delivering insight into encrypted traffic within the security ecosystem, with support for AI-driven diagnostics and automated compliance reporting.
As regulatory standards evolve to address quantum-related threats, F5 aims to help businesses remain compliant and secure, particularly during transition periods when both classical and quantum-resilient cryptographic tools may be in simultaneous use.
Transition and adoption
The company posits that the move to PQC does not only address a technical requirement, but also acts as a prompt for broader organisational innovation. With full proxy capabilities, the new solutions are designed to support hybrid cryptographic models, so organisations can implement PQC alongside current encryption at a pace that matches each business's operational requirements.
This flexibility, according to F5, is particularly relevant for businesses dependent on applications and APIs that underpin their digital operations. The company claims its tailored support is aimed at assisting such organisations to adopt quantum-ready protocols without disruption to application delivery or user experience.
F5's post-quantum cryptography readiness solutions are now available within its Application Delivery and Security Platform.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
a day ago
- Techday NZ
Rapid7 unveils Vector Command Advanced for compliance, security
Rapid7 has introduced Vector Command Advanced, extending its continuous red teaming and exposure validation services by integrating penetration testing, segmentation checks, and compliance validation within its Command Platform. The Vector Command Advanced service combines automated processes with human expertise to deliver continuous adversary simulation, internal control testing, and audit-ready reporting. The platform is aligned with recognised compliance standards, including PCI, ISO 27001, and NIST, and seeks to support organisations in validating security controls, uncovering attack paths, and demonstrating regulatory compliance. Service features Vector Command Advanced incorporates internal penetration and segmentation testing to complement exposure validation capabilities. This expanded service framework is designed to help organisations prove the effectiveness of their internal controls and protections against lateral movement by simulating real-world adversary tactics. Craig Adams, Chief Product Officer at Rapid7, said, "Security leaders today are looking for outcomes. Ultimately, they need to be able to demonstrate that their controls work, they're reducing risk, and they can pass the audit. Vector Command Advanced delivers that proof. Combined with the deep visibility of Surface Command and the scalable, integrated power of our Command Platform, Vector Command Advanced underscores how automation, integration, and human-led red teaming can transform how organisations manage their attack surface and meet growing regulatory pressure." The service enables persistent, expert-led validation of controls across both external and internal organisational environments. By simulating the behaviour of actual threat actors and mapping potential exposures to critical business systems, it helps security teams to prioritise remediation where it is most required and supports the preparation of compliance evidence. Compliance and attack path validation Vector Command Advanced aims to facilitate compliance by delivering annual, scoped assessments of network segmentation and internal controls. This functionality is intended to assist organisations in meeting regulatory and audit requirements. The platform also packages documentation for relevant frameworks and internal reviews, designed to ease the burden of reporting for standards such as PCI, ISO 27001, and NIST. Security leaders today are looking for outcomes. Ultimately, they need to be able to demonstrate that their controls work, they're reducing risk, and they can pass the audit. Vector Command Advanced delivers that proof. Combined with the deep visibility of Surface Command and the scalable, integrated power of our Command Platform, Vector Command Advanced underscores how automation, integration, and human-led red teaming can transform how organisations manage their attack surface and meet growing regulatory pressure. Rapid7's approach leverages a blend of automated testing and human-led simulations, expanding on attack path analysis both inside and outside network perimeters. Key features include persistent reconnaissance to identify internet-facing exposures from an attacker's perspective and the use of advanced tactics, techniques, and procedures (TTPs) in adversary simulation exercises such as phishing and lateral movement attempts. Technology alignment The capabilities of Vector Command Advanced align with Gartner's definition of Adversarial Exposure Validation (AEV): "Technologies that deliver consistent, continuous and automated evidence of the feasibility of an attack. These technologies confirm how potential attack techniques could successfully exploit an organisation and circumvent prevention and detection security controls. They achieve this by performing attack scenarios and modelling or measuring the outcome to prove the existence and exploitability of exposures." The service's attack path visualisation tools are aimed at providing clarity around multi-vector exposure chains within the organisation's environment, facilitating targeted response and reducing mean time to remediate vulnerabilities. Supporting compliance and risk management By integrating Surface Command for external asset discovery with context-aware risk prioritisation, Vector Command Advanced enables a cohesive platform experience for security and compliance teams. Users gain access to streamlined audit reporting, prepared by advisors to satisfy third-party or internal compliance frameworks. Through these combined features, Rapid7 seeks to address the need for demonstrable, ongoing security effectiveness and support for regulatory obligations, focusing cybersecurity operations on outcomes and audit readiness.
Techday NZ
6 days ago
- Techday NZ
Upwind named CNADR company of the year & praised by analysts
Upwind has been recognised by Frost & Sullivan and Gartner in 2025, including being named Company of the Year in the CNADR sector and cited across several analyst reports. Frost & Sullivan awarded Upwind the 2025 Company of the Year title in the Global Cloud-Native Application Detection & Response (CNADR) market, highlighting the company's growth and approach to cloud-native security. At the same time, Upwind featured in Gartner's 2025 Market Guide for Cloud-Native Application Protection Platforms (CNAPP) and was listed as a sample vendor on three of Gartner's 2025 Hype Cycles related to workload and network security, container technologies, and platform engineering. Analyst assessments Upwind was featured in the Hype Cycle for Workload and Network Security, the Hype Cycle for Container Technologies, and the Hype Cycle for Platform Engineering for 2025, all under the CNAPP category. In these reports, CNAPP is identified by Gartner as a technology with a "High Benefit Rating" expected to reach mainstream adoption within two to five years, citing rising demand for consolidated cloud-native security solutions across Kubernetes and multicloud environments. Gartner's 2025 Market Guide for CNAPP includes Upwind among the representative vendors in a sector that, according to the guide, is consolidating security capabilities to provide full-lifecycle protection, from development to runtime in modern multicloud landscapes. The guide notes that CNAPPs are geared to deliver integrated protection across dynamic, container-based application environments. "Upwind's real-time insights and support have enhanced our cloud security operations," said Sardorbek Pulatov, VP Engineering & Security at Vestiaire Collective. "Upwind saves us a significant amount of time, helping our team focus on the truly critical alerts while disregarding low-priority findings. With Upwind, we are able to identify any vulnerabilities and can prioritise them for remediation - helping us operate more efficiently and securely." Gartner also noted in its Market Guide for CNAPP that, "by 2029, 40% of enterprises that successfully implement zero trust within cloud service provider environments will rely on the advanced visibility and control capabilities offered by CNAPP solutions". Additionally, Upwind reports a customer rating of 4.9 out of 5 on Gartner Peer Insights for CNAPP, based on verified reviews. Frost & Sullivan's report flagged Upwind's rapid annual growth of over 4,000 percent year-on-year and its success in integrating previously disparate tools into a single platform, noting its efforts in runtime intelligence in particular. Technical approach and platform features Upwind's cloud security platform is designed using a Runtime-first approach. The company states that its architecture, which incorporates a lightweight eBPF-based sensor, enables full-stack visibility and real-time threat response without adding operational overhead for development teams. A key feature of the Upwind platform is the "Threat Stories" capability, which connects runtime signals, configuration data, audit logs, and identity information in a unified dashboard. This allows security teams to trace threats directly to the source code or deployment pipeline responsible for introducing vulnerabilities. "Security can't be bolted on after deployment. It has to be built in continuously, contextually, and with developers at the center," said Amiram Shachar, CEO and Co-Founder of Upwind. "To us, this wave of analyst recognition validates the strength of our vision, our product, and most importantly, our team. Upwind's momentum is driven by real customer adoption, technical innovation, and word-of-mouth from the people who use and love our platform. We're not building for the exit; we're building for impact. We're focused on solving real, complex problems for the teams building and securing the cloud. That's why engineers, platform teams, and SOCs are choosing Upwind to simplify, scale, and unify cloud-native security at the speed of modern development." Market context and future trends With the rising adoption of cloud-native technologies, industry analysts have pointed to a shift among organisations from fragmented toolchains toward more integrated platforms that offer visibility throughout the application lifecycle. Gartner's reports state that CNAPP platforms are becoming a preferred model for managing the security of dynamic cloud environments, particularly as companies increase their investments in DevSecOps, platform engineering, and generative AI systems. Frost & Sullivan described Upwind as impactful for its capability to merge detection, response, and protection services into a singular platform. The report credits Upwind with consolidating functions such as ADR (Application Detection and Response), CDR (Cloud Detection and Response), CWPP (Cloud Workload Protection Platforms), and CSPM (Cloud Security Posture Management), thereby supporting operational efficiency for customers.
Techday NZ
6 days ago
- Techday NZ
ScienceLogic unveils new AI features to boost IT automation & insight
ScienceLogic has announced updates to its suite of solutions, bringing new features to its AI Platform and Skylar AI Suite aimed at enhancing automation, observability, secure government operations, and low-code development for IT teams. The announcement follows recent industry recognition of ScienceLogic's offerings. The company has been named a Visionary in the 2025 Gartner Magic Quadrant for Observability Platforms and a Leader in The Forrester Wave: AIOps Platforms, Q2 2025. These accolades highlight the company's ongoing product development and its approach to agentic AI in support of Autonomic IT environments. "We're focused on delivering purposeful AI that empowers IT teams with the insight and control they need to stay ahead of disruptions," said Michael Nappi, chief product officer at ScienceLogic. "By combining advanced analytics, automation, and secure extensibility, we're helping customers drive better outcomes across hybrid-cloud and mission-critical environments." Among the headline updates is the refinement of the Skylar Analytics solution. ScienceLogic's Skylar Analytics has received industry awards including the AI Breakthrough Award for "Predictive Analytics Platform of the Year" and a Bronze Stevie in the "Artificial Intelligence and Machine Learning Solution" category. ScienceLogic has built on these achievements by enhancing Skylar Analytics in several ways. A core update involves improved data visualisation capabilities. The solution now incorporates Apache Superset dashboards, providing users with a broad set of visualisation tools. These include everything from bar charts to complex geospatial visualisations. The system is designed with an intuitive, no-code interface, so users with varying levels of technical experience can quickly build charts and dashboards to better convey data insights. ScienceLogic has also expanded its data export functions. New Open Database Connectivity (ODBC) integrations are available with Tableau and Microsoft Power BI, enabling business intelligence teams to conduct deep metric analysis. This capability allows organisations to leverage ScienceLogic's data lake using familiar tools and existing expertise. Additional enhancements include a new anomaly detection feature. The updated Device Investigator tool prioritises the scoring of outliers in time series data, displaying these directly to users for prompt awareness of unusual activity. Predictive alerting functionality has also been added, which automatically flags potential issues such as storage exhaustion or network oversubscription before they can escalate. Updates to the Skylar Analytics suite are intended to help IT teams shift from reactive responses to more proactive, insight-driven management of their IT environments. Government and compliance ScienceLogic's Government Cloud has achieved FedRAMP Moderate Authorisation, aligning with over 300 NIST controls. The platform is now listed on the FedRAMP Marketplace and the Department of Defence Information Network Approved Products List (DoDIN APL). These developments are intended to simplify procurement processes for federal agencies and strengthen operational resilience with Zero Trust-aligned dashboards and AI-based decision support. GPU monitoring and AI operations The updated NVIDIA GPU Monitoring ScienceLogic PowerPack (v100) is another feature of note. Targeting high-performance compute environments, including AI training, simulation, and edge computing, the PowerPack offers automated discovery and real-time monitoring of GPU metrics such as utilisation and thermal status. Built-in event policies issue alerts for conditions like overheating or performance degradation, supporting optimal use of expensive GPU systems and workloads. These monitoring capabilities help maintain uptime and manage the complexity of expanding GPU infrastructure. Low-code customisation tools ScienceLogic's Dynamic Application Builder has also been updated, providing a low-code wizard to accelerate the development of custom monitoring tools. The latest version enables developers to configure credentials, retrieve API or CLI payloads, and export data directly to the management platform. Additional features include support for rapid creation of PowerPack-ready components via snippet arguments, JC parsers, and custom headers, as well as improved security and authentication options. Integration with the Low-Code Tools PowerPack enables bulk deployment, with upcoming support for OAuth2 authentication planned. By introducing these enhancements, ScienceLogic is offering IT teams additional resources to monitor, manage, and automate systems according to evolving organisational requirements, with particular emphasis on visualisation, compliance, high-performance infrastructure management, and customisation through low-code development.
