DevCentral's Featured Member for November - Mohamed Salah
Our Featured Member series is a way for us to show appreciation and highlight active contributors in our community. Communities thrive on interaction and our Featured Series gives you some insight on some of our most engaged folks. F5 Community Member Mohamed Salah is our DevCentral Featured Member for November! He's been helping many other members with some great tips so let's catch up with Mohamed!How to listen to the DevCentral Podcasts
Announcing the DevCentral Podcasts! DevCentral Podcasts After about 100 video live streams, we are now offering the DevCentral Connects live stream as an audio podcast. This can be found on all the main podcast platforms. Additional podcasts can be found under the DevCentral channel as well. F5's Office of the CTO shares "WebAssembly Unleashed," a podcast for architects, practitioners, technologists, and general Wasm enthusiasts. Watch the feed and join the hosts to dig into all things Wasm! DevCentral Connects on Apple Podcasts DevCentral Connects on Spotify To accommodate this format, I'll ensure that if there is ever any video content, it will be narrated such that the audio experience isn't missing out. Heavily technical content requiring following screen actions such as JRahm 's Live Coding Sessions will be done in its own format, still via live stream video. These shows pop-up whenever Jason has an idea brewing in his mind so I suggest you subscribe to DevCentral on YouTube, LinkedIn, Twitter or Facebook to get notified when he does go live. Hint: Join the DevCentral Connects Group hub to get advance notice of events like these! This Month In Security Podcast Be sure to check out AubreyKingF5on his Security collaboration podcast which is also available on all major platforms. This collaboration with F5 SIRT and F5 Labs is a must see listen if you want dive deeper into security! This Month in Security on Apple Podcasts5 Technical Sessions That Should Be Great: F5 AppWorld 2025
These F5 Academy sessions explore modern app delivery, security, and operations. The full list of sessions is on the F5 AppWorld 2025 Academy page - if you haven't yet registered you can do so here: Register for F5 AppWorld 2025 LAB - F5 Distributed Cloud: Discovering & Securing APIs API security has never been more critical, and this lab dives straight into the tough stuff. Learn how to find hidden endpoints, detect sensitive data and authentication states, and apply integrated API security measures to keep your environment locked tight. TECHNICAL BRIEFING - LLM Security and Delivery with F5’s Distributed Cloud Security Ecosystem AI is fueling the next wave of applications—but it’s also introducing new security blind spots. This briefing explores how to secure LLMs and integrate the right solutions to ensure your AI-driven workloads remain fast, cost-effective, and protected. LAB - F5 NGINX Plus Ingress as an API Gateway for Kubernetes Containerized environments and microservices are here to stay, and this lab helps you navigate the complexity. Configure NGINX Plus Ingress as a powerful API gateway for your Kubernetes workloads, enabling schema enforcement, authorization, and rate-limiting all in one streamlined solution. LAB - Zero Trust at Scale With F5 NGINX Zero trust principles become a whole lot more meaningful when you can scale them. Get hands-on with NGINX Plus and BIG-IP GTM to build a robust, scalable zero trust architecture, ensuring secure and seamless app access across enterprises and multi-cluster Kubernetes environments. LAB - F5 Distributed Cloud: Security Automation & Zero Day Mitigation In this lab, you’ll learn how to leverage advanced matching criteria and custom rules to quickly respond to emerging threats. Shore up your defenses with automated policies that deliver frictionless security and agile zero-day mitigation. Session Updates Coming in January 🚨 AppWorld's Breakout Sessions officially drop in January 2025 but here is a sneak preview! Check back in January to add these to your agenda. Global App Delivery With a Global Network How Generative AI Breaks Traditional Application Security and What You Can Do About It The New Wave of Bots: A Deep Dive into Residential IP Proxy Networks From ZTNA to Universal ZTNA: Expanding Your App Security Strategy --- See you at F5 AppWorld 2025! #AppWorld25DevCentral ICYMI - September 2024
DevCentral publishes new content constantly, and it’s easy to miss the latest from F5’s technical user community with all that turnover. So here’s a monthly round-up of DevCentral news, content, and events—in case you missed it! New and Notable Share Your Expertise at F5 AppWorld 2025! CFP is now open. F5 and NetApp partnership for Large Language Model AI deployments - F5 and NetApp have teamed up to improve enterprise AI capabilities by using F5’s secure multicloud networking solutions with NetApp’s data management tools. Experience the power of F5 NGINX One with feature demos - Introducing F5 NGINX One, a powerful solution designed to significantly enhance business operations with its high-performance data plane and user-friendly SaaS-based console, offering robust traffic management and critical monitoring features. Content Round-Up AI/LLM F5 BIG-IP and NetApp StorageGRID - Providing Fast and Scalable S3 API for AI apps - F5 BIG-IP's advanced load balancing improves HTTPS server performance. It ensures high availability and optimal storage node utilization when used with NetApp's StorageGRID S3 compatible object storage. How to Prepare Your Network Infrastructure to Add HPC Clusters for AI to Your Data Center - HPC AI cluster integration in enterprise data centers brings challenges, such as network segmentation, security, and high costs. Learn how to overcome these challenges. F5 Distributed Cloud: How I Did it - Migrating Applications to Nutanix NC2 with F5 Distributed Cloud Secure Multicloud Networking - Enterprises struggle to scale and migrate applications while maintaining consistent security and user experience. F5 Distributed Cloud Services (XC) simplifies extending and migrating applications from on-premises environments to Nutanix NC2 clusters, backed by Nutanix's comprehensive hyper-converged infrastructure. Security Insights What is Web Cache Exploitation? - Explore insights from a recent BlackHat/DefCon 2024 presentation on Web Cache Exploitation, which reveals how discrepancies in HTTP server and proxy behaviors can lead to vulnerabilities like Web Cache Poisoning and Web Cache Deception. (HTTP) Redirection via Arbitrary Host Header - In this article, we delve into the importance of the Host header in web requests, its role in enabling multiple-domain hosting, and the potential security risks associated with improper handling. How to Identify and Manage Scrapers (Pt. 1) and How to Identify and Manage Scrapers (Pt. 2) - Here are different ways to find and manage web scraping activities. This includes: scrapers that identify themselves, identifying using IP address, more advanced techniques for finding scrapers that don't identify themselves. We will also talk about the challenges caused by pretending to be someone else and the increase in scraping done by AI. Exploring the Zero Trust Models of AWS, Microsoft, and Google - In response to distributed workforces and advanced cyber threats, the Zero Trust Model enforces strict identity verification, granular access control, and continuous monitoring for users, devices, and resources. Major cloud providers like AWS, Microsoft, and Google have their own versions. Scanning for CVE-2017-9841 Drops Precipitously - The July 2024 Sensor Intelligence Series reports a significant drop in scanning activities for vulnerabilities CVE-2017-9841 and CVE-2023-1389, despite their previous high levels. This highlights the importance of ongoing cybersecurity vigilance. Scuba Gear from CISA, ROBLOX Malware Campaign, and RUST backdoo-rs This Week in Security Leaks & breaches, memory-safe C++, cryptominers and bridging the air-gap This Week in Security GC Document AI Transitive Access Abuse, make-me-root holes in VMWare fixed and more - This Week in Security BIG-IP Next: How to secure egress with F5 Service Proxy for Kubernetes (Japanese language version: 次世代のBIG-IP SPKとK8s コンテナの外部アクセス制御) - Securing Kubernetes egress traffic can be challenging. F5's Service Proxy for Kubernetes (SPK) offers a solution. It dynamically manages egress through its Calico egress gateway. This allows for central control, consistent network policies, and source NAT translation. BIG-IP Next Installation Guides - These resources will walk you through the initial steps of getting Central Manager and instances installed on the various platforms for labs and production. F5 Distributed Cloud: How I Did it - Migrating Applications to Nutanix NC2 with F5 Distributed Cloud Secure Multicloud Networking -Enterprises face challenges with scaling and migrating applications. F5 Distributed Cloud Services (XC) helps by enabling seamless application extension and migration, as shown with Nutanix NC2 clusters. Architecture Options for Kubernetes Service Discovery in Distributed Cloud - F5 Distributed Cloud (XC) Virtual Edition Customer Edge increases service discovery in Kubernetes clusters, allowing easy connectivity in dynamic microservices environments. Cascading Configs Tool for F5 Distributed Cloud Managed Service Provider (MSP) and Delegated Access Customers - The new XC-Cascading-Configs tool simplifies configuration management for F5 Distributed Cloud customers. It allows efficient push and maintenance of shared configurations across multiple tenants. NGINX: Deploying F5 NGINX Plus Graviton-powered Containers as AWS ECS Fargate Tasks - Amazon's Graviton4 chip offers great price-performance for cloud architects. NGINX Plus works with ARM64, ECS, and ECS Fargate. It's easy to set up, use, and scale within AWS. Announcing F5 NGINX Gateway Fabric 1.4.0 with IPv6 and TLS Passthrough - NGINX Gateway Fabric 1.4.0 features IPv6 support, TLS passthrough, server zone metrics, custom pod annotations, and improved testing automation. It ensures stability and performance for Kubernetes clusters. BIG-IP: F5 BIG-IP deployment with Red Hat OpenShift - keeping client IP addresses and egress flows - OpenShift 4.14's AdminPolicyBasedExternalRoute improves control of egress traffic by utilizing F5 BIG-IP as the default gateway for certain namespaces. This feature ensures client IP preservation and integrates security functions. BIG-IP VE in Red Hat OpenShift Virtualization - Running BIG-IP VE in Red Hat OpenShift Virtualization connects virtual machines and Kubernetes. This simplifies management and operations by using OpenShift's KubeVirt and QEMU+KVM Linux virtualization layers. VMware to Red Hat OpenShift Virtualization Migration - Seamlessly migrate workloads and BIG-IP Virtual Editions from VMware to OpenShift Virtualization. Our comprehensive guide will streamline your transition and unify your application infrastructure. F5 Cloud Failover Extension (CFE), private endpoints, and custom DNS - Using the F5 Cloud Failover Extension (CFE) for API-based failover in public cloud environments can cause issues with API calls being blocked. This is due to custom DNS settings and private endpoints. To resolve this, configure DNS settings to properly resolve private IP addresses.DevCentral Visits SecTor 2023
@buulam made his debut at SecTor 2023 in Toronto this year and Rebecca_Moloney tagged along to learn a thing or two! Here are some highlights from the trip. Make sure to subscribe to the DevCentral Youtube channel, and follow DevCentral and Buu Lam to get the latest updates. Click here for the full SecTor 2023 playlist.
DevCentral Visits GovWare 2023
@buulam returned to GovWare in Singapore this year! Here are some highlights from his trip and the conversations from this essential IT security event. Make sure to subscribe to the DevCentral Youtube channel, and follow DevCentral and Buu Lam to get the latest updates. Click here for the full GovWare 2023 playlist. Global Cybersecurity Trends Buu tries Kaya Toast and chats with Chin Lim A Deep Dive into Zero Trust
GITEX Global 2023 in Dubai - DevCentral Visits
@buulam is fresh from GITEX Global in Dubai! Here are some highlights from his trip and the connections he made at this massive IT conference. Make sure to subscribe to the DevCentral Youtube channel, and follow DevCentral and Buu Lam to get the latest updates. DevCentral Visits GITEX Global 2023 in Dubai! Buu arrives at GITEX Global 2023 in Dubai! This massive security conference (more than 200,000 attendees) has a lot of cool things to explore. Zakeer Zubair on Navigating Changes in F5 and Dubai Over 16 Years Zakeer Zubair, the Senior Manager for Solutions Engineering at Gulf & Levant, has seen significant changes in F5 and Dubai over 16 years. He discussed how market needs align well with F5's portfolio of application and API delivery and protection. He also highlighted the value of the university intern program. Role Reversal! Zakeer Zubair Dives into Buu Lam's Journey Role reversal! Zakeer Zubair interviewed Buu Lam about his journey to becoming a DevCentral Community Evangelist and the importance of sharing educational content. Buu also shares his impressions of Dubai as a first-time visitor! Grant Taylor talks about Exclusive Networks and the Middle East region Grant Taylor, General Manager of Exclusive Networks in the Middle East, oversees the largest distributor in the region. With professional services, specialized partner sales teams, the company is leading the digital transformation taking place in the Middle East.
