Akamai Diversity

The Akamai Blog

October 2013 Archives

Bill Brenner

Bill Brenner

October 31, 2013 7:21 AM

Webinar: Internet Security for Small & Medium Busine ...

This month, I've been hosting a three-part webinar series on the challenges smaller companies face when it comes to Web security. This week and next, I'm presenting the recordings here. WellStar Health System Security Director Martin Fisher joined me for part 1: "What Web Security Means for Small & Medium Businesses."

Bill Brenner

Bill Brenner

October 30, 2013 5:10 AM

Video: What's a Zero-Day Vulnerability?

Akamai Chief Security Officer Andy Ellis gives a whiteboard lesson on zero-day vulnerabilities. Class is in session:

Akamai

Akamai

October 29, 2013 9:17 AM

Podcast: Akamai CSIRT Director Michael Smith

In Episode 5 of the Akamai Security Podcast, I interview CSIRT Director Michael Smith. We discuss the role of CSIRT in researching threats and vulnerabilities, as well as keeping customers and the wider public informed of defensive measures they can take.--Listen to the podcast HEREBio: Michael Smith is a senior security manager with more than 20 years of experience in the IT security and intelligence fields performing security design and

Bill Brenner

Bill Brenner

October 28, 2013 6:52 AM

Web Shells, Backdoor Trojans and RATs

Akamai's CSIRT team advises companies to check their systems for Web shells, executable code running on a server that gives attackers remote access to a variety of critical functions. Online adversaries can install Web shells by compromising legitimate Web applications on a server, using such tried-and-true techniques as SQL injection, Remote File Inclusion, an unvalidated file upload feature or through a valid user's stolen credentials. Here are the basics of

Bill Brenner

Bill Brenner

October 25, 2013 3:37 AM

A Twitter Chat on Cybercrime Defense

Yesterday, Akamai participated in a Twitter forum on cybercrime as part of National Cyber Security Awareness Month. Participants supplied a ton of great resources, which I think is worth sharing here. What follows are some of the tweets from the conversation. If you want to stay out of the attackers' crosshairs -- or if you're a victim looking for help -- you'll find what follows useful.ESET ‏@ESET13hIf you're a victim, DOJ has

Bill Brenner

Bill Brenner

October 24, 2013 4:57 AM

Video: An Overview of Tokenization & the Credit Card ...

Akamai CSO Andy Ellis gives an overview of tokenization and why it exists, as well as a brief history of the credit card industry.

Bill Brenner

Bill Brenner

October 23, 2013 6:43 AM

Video: Josh Corman on Different Adversary Classes

Akamai Director of Security Intelligence Josh Corman gives an overview of different adversary classes and their motivations.

Chris Nicholson

Chris Nicholson

October 22, 2013 2:36 PM

The Science of Online Video Advertisements

Today Akamai announced the publication of a new study, "Understanding the Effectiveness of Video Ads: A Measurement Study," designed to gain a scientific understanding of when viewers complete watching online video ads and when they abandon them. With analysis of an aggregate 367 million videos and 257 million ads from over 3,000 publishers that were viewed by 65 million unique users worldwide across the Akamai Intelligent Platform, a great deal

Bill Brenner

Bill Brenner

October 22, 2013 7:41 AM

IBM, Akamai Team Up in DDoS Fight

As part of a new partnership, IBM will integrate Akamai's Kona Site Defender with IBM's Cloud Security Services portfolio. IBM Security Services General Manager Kris Lovejoy said her company decided to join forces with Akamai because of its track record in protecting customers from DDoS attacks. "Our clients tell us there is a need to strengthen cloud security," Lovejoy said in a statement. "The partnership with Akamai combines a world-class security

Helen Yang

Helen Yang

October 21, 2013 1:25 PM

How can you control and optimize network access poli ...

The following is a guest post from Director Global Service Delivery Patrice Boffa and Solutions Architect Harish Jakkal.Locking down access to a Web application based on information from the Network Layer of the Open Systems Interconnection (OSI) model is the most basic level of request filtering mechanism available. There are many network firewalls in the market that inspect the source/destination IP address of the request to making routing decisions on

Akamai

Akamai

October 21, 2013 10:02 AM

Movin' On Up (The OSI Stack)

For months now, those of us working to protect Akamai's customers have been trumpeting the same theme: in the same way that companies, technology and applications are moving "Up the Stack" to the web layer, attackers have followed. For the first time since the inaugural "State of the Internet Report" was published in Q1 2008, we saw solid statistical proof to date that the threat landscape has changed:  As of

Bill Brenner

Bill Brenner

October 21, 2013 6:36 AM

State of the Internet Report: DDoS Trends, SEA Attac ...

The latest Akamai State of the Internet report analyzes recent DDoS trends and includes a section on something I've written about a lot in recent months -- attacks from the so-called Syrian Electronic Army. DDoS attacks spiked in the second quarter of 2013, with Akamai customers reporting 318 attacks -- a 54 percent increase over the 208 reported in the first quarter. At 134 reported attacks, the Enterprise sector continued to

Amanda Fakhreddine

Amanda Fakhreddine

October 18, 2013 11:06 AM

Top 10 Tweets from #AkamaiEdge

It has been a week since #AkamaiEdge 2013, and we still can't stop thinking about it! It was the first time that we had a live social stream, and it allowed us to broadcast tweets and pictures on four 40" screens that were located at the Social Media Hub. People loved it!We had over 4,100 people tweet using #AkamaiEdge during the conference, and everyone seemed to enjoy watching their tweets

Bill Brenner

Bill Brenner

October 18, 2013 8:16 AM

Are You a Future Akamai Security Professional?

It's week three of Cyber Security Awareness Month at the U.S. Department of Homeland Security, and the focus is on the future security workforce. Here's what DHS says on its website: As technology continues to evolve and improve, the need to protect against evolving cyber threats also requires improvement and expansion. To meet the growing technological needs of government and industry, the Department of Homeland Security (DHS) is building strong

Bill Brenner

Bill Brenner

October 17, 2013 8:16 AM

Indonesian Attack Traffic Tops List; Port 445 No Lon ...

This week Akamai released its State of the Internet report for the second quarter of 2013, and the security section includes some changes since the last go around. Based on data gathered from the Akamai Intelligent Platform, the report provides insight into key global statistics such as network connectivity and connection speeds, attack traffic, and broadband adoption and availability. One of the things we track is the origin of attack

Bill Brenner

Bill Brenner

October 16, 2013 7:27 AM

An Overview of the OSI Model with Akamai CSO Andy El ...

In this video, Akamai CSO Andy Ellis gives an overview of the OSI model, abstraction layers, HTTP, TCP/IP and how together these things make the Internet work.

Akamai

Akamai

October 15, 2013 7:51 AM

Podcast: The Flip Side of Bots and Crawlers

A few months ago, Akamai Senior Enterprise Architect David Senecal wrote a post about ways to identify and mitigate unwanted bot traffic. Last week, I went into more detail on the subject with Matt Ringel (@ringel on Twitter), an enterprise architect in Akamai's Professional Services team. (Check out Matt's recent post, "You Must Try, and Then You Must Ask."). That resulted in the post "Bots, Crawlers Not Created Equally."In addition to that post, we have a full

Bill Brenner

Bill Brenner

October 11, 2013 8:25 AM

Schneier and Corman: A Conversation in Tweets

What does one do when he has to get on a plane right before one of the more anticipated keynotes at Akamai Edge? In my case, follow the tweets and retweet what I found most interesting.Below are tweets from those attending the keynote discussion between security luminary Bruce Schneier and Akamai InfoSec's Josh Corman. I followed from the taxi, through the TSA line and from the gate, and it was worth

Manuel Alvarez

Manuel Alvarez

October 11, 2013 8:15 AM

Akamai at Velocity New York and WebPerfDays

While some of you are attending and enjoying the Edge conference, some of us are preparing for other great Web Performance conferences where you can listen and meet some of the members of the Akamai's Advance Solutions Group. Velocity NYC Colin Bendell will be speaking at Velocity NYC on the topic "Performance Impacts of i18n, l10n and m18n" on Wednesday, October 16, 2013.  If you are planning to expand your

Bill Brenner

Bill Brenner

October 11, 2013 4:02 AM

Dissecting Operation Ababil at Akamai Edge

Operation Ababil has been a thorn in the side of financial institutions this past year, costing victims both business and sleep. At Akamai Edge, we've been talking a lot about the attacks -- particularly the lessons we've learned and the fresh security measures companies have put in place. Thursday, Akamai CSO Andy Ellis led a panel discussion on the lessons learned, and earlier in the day John Summers -- VP

Bill Brenner

Bill Brenner

October 9, 2013 2:41 PM

George Delivers Security Message at Akamai Edge

At Akamai Edge I've been hanging out a lot with Dan Abraham, my InfoSec department colleague. I have yet to see him without George, the stuffed penguin who serves as our mascot and symbol of security awesomeness.Also see: "Security Front and Center at Akamai Edge 2013"We've shown George a good time, taking him on a stroll around Washington DC Sunday. (He visited the Spy Museum and was not amused to

Akamai

Akamai

October 9, 2013 8:55 AM

An Exciting Day for the WAN - Akamai & Cisco Announc ...

0 0 1 565 3223 Akamai Technologies Inc. 26 7 3781 14.0 Normal 0 false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:Calibri; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} For years at Akamai, I have spoken at conferences and with customers about the future of the WAN.  While the title

Miguel Serrano

Miguel Serrano

October 9, 2013 7:00 AM

The Developer's Dream: The Power of Akamai at your F ...

"The future of the Internet lies on the hands of developers and architects."While this statement sounds really great, I can't take the credit for it. The original quote comes from Tom Leighton himself, co-founder and CEO of Akamai, in a video introducing Akamai {OPEN}, part of the Akamai Open Platform Initiative.Akamai has become one of the most reliable and popular web platforms, handling up to 30 percent of total web

Akamai

Akamai

October 9, 2013 5:04 AM

Manipulating PHP Superglobal Variables

Here at the Akamai Edge conference in Washington D.C., we're talking to customers about the latest attack techniques and how we're staying ahead of the threats. One example of what we're watching: a method where attackers are able to use vulnerabilities in PHP applications to exploit superglobals -- pre-defined variables in PHP -- to launch malicious code. Also see: "Security Front and Center at Akamai Edge 2013" Attack details: PHP

Bill Brenner

Bill Brenner

October 8, 2013 5:54 AM

Bots, Crawlers Not Created Equally

A few months ago, Akamai Senior Enterprise Architect David Senecal wrote a post about ways to identify and mitigate unwanted bot traffic. Here at the Akamai Edge conference in Washington D.C., discussions around that continue -- specifically, how to squeeze the maximum usefulness out of bots and other Web crawlers.Also see: "Security Front and Center at Akamai Edge 2013"Yesterday, I continued a discussion I've been having about that with Matt Ringel

Bill Brenner

Bill Brenner

October 7, 2013 9:28 AM

Akamai Edge 2013 and Patch Tuesday

I'm in Washington D.C. for the Akamai Edge customer conference, and while it's easy to lose sight of the daily chores of security when you're spending the day listening to talks, there's still always work to be done. An example of that: Tuesday is Microsoft's regularly-scheduled security patch release.We'll be talking to Akamai customers at Edge about how our efforts play into their vulnerability management needs. We'll also talk about

Lorenz Jakober

Lorenz Jakober

October 4, 2013 1:36 PM

Why Early Termination Is Not A Bad Thing...

On July 31st Facebook announced that they have enabled secure browsing by default. More and more companies such as Google, Twitter and PayPal have started to switch to always on SSL/TLS to ensure more secure browsing. And the growth of HTTPS use is likely to continue. Number of Sites With Valid Certificates Part of Netcraft's SSL Server Survey Source: Netcraft This sounds all well and good. However, as is often

Matt Ringel

Matt Ringel

October 4, 2013 12:07 PM

You Must Try, and then You Must Ask

I like working with grownups.Here's an example:When I was a wee little New Hire at my current employer, one of the things that came up a lot was the "15 minute rule." That is, if you're stuck on a problem, take a solid 15 minutes to bash your brain against it in whatever manner you see fit. However, if you still don't have an answer after 15 minutes, you must ask someone. I shorten

Bill Brenner

Bill Brenner

October 4, 2013 8:46 AM

Akamai Edge and National Cyber Security Awareness Mo ...

There's been a lot of debate in the InfoSec community about the effectiveness (or lack thereof) of security awareness programs. More such discussion is likely this month as the Department of Homeland Security (DHS) promotes National Cyber Security Awareness Month. Rather than repeat my own position on the matter, I'll direct you to the post "Security Awareness Programs: Better Than Nothing." For now, I'm thinking about how DHS's initiative fits

Bill Brenner

Bill Brenner

October 3, 2013 4:54 AM

Silk Road, Tor and the Threat of DDoS

Whenever authorities bust somebody for alleged use of popular software for illegal purposes, there's always the chance digital miscreants will protest with DDoS and other attacks. That's certainly a possibility after the FBI's arrest of Ross William Ulbricht, known as "Dread Pirate Roberts," alleged operator of Silk Road, a marketplace for illegal drugs. According to the Reuters news service, federal prosecutors charged Ulbricht with one count each of narcotics trafficking conspiracy,

Bill Brenner

Bill Brenner

October 2, 2013 8:55 AM

Was This Really One of the Internet's Biggest Attack ...

There was an interesting story in eWeek yesterday about "one of the largest attacks in the history of the Internet" taking place last week. It describes a 9-hour barrage against an unnamed entity that swelled to 100 Gigabits of traffic at its peak. But does it really qualify as one of the biggest in Internet history? It's an impressive barrage, to be sure. Reading the article reminded me of a post Akamai