F5 CEO Says AI Is Accelerating the Need for Platform Consolidation
F5 CEO Francois Locoh-Donou argues that AI workloads are making hybrid multi-cloud even more complex, pushing enterprises toward consolidated delivery and security platforms.
F5 CEO Francois Locoh-Donou used AppWorld 2026 to make the case that AI is not just another workload to secure. It is fundamentally accelerating the complexity of application delivery and creating urgent demand for platform consolidation. F5 customers now operate across an average of 19 different environments, and AI is making that number worse.
AI makes hybrid multi-cloud harder
The core argument is simple. AI workloads are inherently distributed. Data stays on-prem, models live in the cloud, inference runs at the edge. Agentic AI adds another layer, with agents calling tools and APIs across multiple locations. All of this means more API traffic, more attack surface, and more operational complexity.
On top of that, European digital sovereignty regulations are forcing organizations to care about where data lives and which infrastructure providers they depend on. Locoh-Donou frames F5's updated Application Delivery and Security Platform (ADSP) as the answer to all of it: one platform that consolidates delivery and security across every environment.
API security and AI model protection
Two specific threats stood out. First, API security is getting more attention because every AI application call, every agent-to-tool interaction, runs through an API. Knowing where all your APIs are and whether they are configured correctly is no longer optional.
Second, AI models themselves are becoming attack surfaces. F5's research found that enterprises run an average of seven AI models in production, each with its own vulnerabilities. That is why F5 acquired CalypsoAI in 2025, gaining both offensive capabilities (red teaming, penetration testing) and defensive ones (guardrails, runtime protection).
Locoh-Donou also pointed to a gap in the market: most API discovery and security solutions today are cloud-only. F5 is launching on-prem API security to cover the sensitive enterprise traffic that never leaves the data center.
WAFplanet take
F5 is playing the consolidation card hard, and the timing makes sense. As organizations bolt on AI capabilities, the sprawl of APIs, models, and environments creates exactly the kind of complexity that favors platform vendors over point solutions. The CalypsoAI acquisition gives F5 a genuine differentiator in AI security that most WAF vendors, including Cloudflare and Akamai, do not have yet.
The on-prem API security play is also smart. Cloud-native vendors like Cloudflare cannot easily follow there. But the question is whether F5 can execute on the platform vision without the complexity creep that plagues every consolidation story. Nineteen environments is a lot to cover with one platform, and customers will judge F5 on whether ADSP actually simplifies operations or just moves the complexity around.
