The Akamai Blog Subscribe
February 2014 Archives
RSAC: Video Updates Worth Watching
Each year at RSA Conference 2014, I team up with David Spark, founder of Spark Media Solutions. Specifically, he creates a bunch of clever, high-quality videos from the showroom floor and then I share them. So far, he has sent me four videos done for Ziff-Davis. Do yourself a favor and check them out.
DDoS: Prepare to be Distracted
Guest Post by Mary Karnes, Manager, IBM Cloud Security Services Distributed denial-of-service attacks that congest Internet connectivity and disrupt online services topped unprecedented levels in 2013; and the tactics used were varied in both size and method. One example of methods used included attackers seeking to shut down access by targeting DDoS attacks on DNS providers, which in turn caused downtime for customers using those services for their DNS infrastructure.DDoS is not
RSAC Q&A: Fighting Off DDoS Attacks
For RSA Conference 2014, we partnered with IBM to create content that's beneficial to customers of both our companies. As part of the effort, I was interviewed by Mary Karnes, a product manager with IBM Security Services. The ultimate question: how best to respond to DDoS attacks. Karnes primarily focuses on services that help defend against web attacks (including distributed denial of service) and targeted attacks. Information security has been
RSAC Day 3: Relationship Between RSA, NSA Takes Cent ...
Day three of RSA Conference 2014 has begun at the Moscone Center in San Francisco. Yesterday was an eventful day, so let's have a look at some of the high -- and low -- points in the news:
Highlights from Day 2 of BSidesSF
The second and final day of BSidesSF was crammed with great talks. Here's a round-up of the discussions that caught my attention. As always, thanks to the volunteers and organizers who consistently make this a must-attend event.
RSA 2014: Privacy, Property Under Threat
A Boston news station did a story about foreign governments stealing secrets in New England, and Akamai's security efforts are featured prominently. The attacks CSO Andy Ellis describes to the reporter tie in with a lot of the concerns we're hearing about at RSA Conference 2014 in San Francisco this week. Most of the conversations I've been having with security practitioners involve the threat to privacy and intellectual property, and
Bringing the Sochi Games Home - Internationally
As the Sochi winter games draw to a close, I'd like to share a live streaming experience I had Sunday, which truly puts the spirit of the games into perspective for me. My 12-year-old daughter, Stephanie, is a ski racer with the Jay Peak Ski Club in Vermont, USA. Jay Peak is much closer to Montreal than to my residence near Boston, so I have a number of Canadian friends in
RSAC/BSidesSF 2014: Akamai Web Security Giveaways
For this year's RSA and BSidesSF, Akamai staff will be giving out a lot of cool stuff. We have stickers, T-shirts, pens and special sleeves for your credit and other cards. If you want any of these items, come find me or one of my Akamai InfoSec teammates. Visit our booth in the RSA exhibit hall for such additional items as foam rocket launchers. I also hear there are cool
RSAC/BSidesSF 2014: Ask About Our New Security Secti ...
Today is the day I've been planning for since starting at Akamai in June: The launch of a new Akamai.com security section. Please check it out and give me feedback.Enter the AKAMAI SECURITY section.
RSA 2014: A Talk InfoSec Curmudgeons Should Attend
Two good friends are delivering a talk at RSA Conference 2014 that's near and dear to my heart. The subject: work-life balance, mindfulness and happiness in the security profession.
Top Tweets of the Week: 2/14- 2/21
It's been a whirlwind of a week. Akamai announced that we have officially acquired Prolexic, the Olympics are streaming full steam ahead and we are looking forward to another busy week at RSA Conference in San Francisco next week. Want to see some of the social highlights from this week? Check out this week's installment of "Top Tweets of the Week"!
Brobot: Alive and Well in 2014
2013 was an absolute nightmare for many US banks, as they were targeted with massive DDoS attacks by the QCF as part of their Operation Ababil attacks. At Akamai we observed up to 20 banks being attacked in some weeks in 2013, and Akamai successfully protected our banking customers from these large attacks.
MIT's 2014 STAMP/STPA Workshop and Conference
This is the first of what will be several posts on MIT's 2014 STAMP Conference. Staff from Akamai InfoSec will participate in this event, which makes perfect sense given our close ties and history with MIT.
RSA Preview: How Data Defeated Dogma
Our ongoing series of RSA Conference 2014 previews brings us to a topic we've told you about before: the battle to establish a bug bounty program at Microsoft.
Prolexic Acquisition: More Research to Share
Now that Akamai's acquisition of Prolexic is official, I can answer a question I've gotten repeatedly: How will the addition of Prolexic impact the new Akamai Security site we're launching next week? It's an easy question to answer, but first some background:
Video: The Evolving Threat Landscape
An overview of the evolving threat landscape with Akamai Director of Web Security Solutions Product Marketing, Dan Shugrue. Dan also shares how Akamai's Kona Site Defender service handles the increasing frequency, volume and sophistication of Web attacks.
What is your Page Load Time?
We always talk about having a fast Page Load Time. However, determing the actual time a page is loaded, let alone standardizing that across the industry, is not simple. In this video Mike McCall, Product Architect at Akamai, explains the differences between the main interpretations of Page Load Time.
Kona + Prolexic = Akamai Web Security Solutions
Normal 0 false false false EN-US JA X-NONE /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:Calibri; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} It feels like it's been an eternity, but just 79 days ago, Akamai announced the acquisition of Prolexic. Now that the acquisition has officially closed, we can finally start talking more about what
RSA Conference 2014: Previews from Around the Web
With a week to go before RSA Conference 2014, various tech publications are launching their annual what-to-expect articles. What follows are a few articles that offer some decent analysis.
Top Tweets of the Week: 2/7 - 2/14
Happy Friday and Happy Valentine's Day! We had a lot going on this week, so check out some of the highlights on this week's installment of "Top Tweets of the Week". Have a great weekend and keep on tweetin'!
The Winter Games - Your Way
Here at Akamai, six days into the winter games, we have been reliably streaming the events in high quality - much of it in HD - for more than 20 broadcasting rights holders around the world. Since each of these broadcasters has their own unique requirements and workflows, our teams have been working with them for over nine months so that we can meet their expectations, as well as their
HQL Statement Tampering
Executive Summary "Hibernate is an object-relational mapping (ORM) library for the Java language, providing a framework for mapping an object-oriented domain model to a traditional relational database. Hibernate solves object-relational impedance mismatch problems by replacing direct persistence-related database accesses with high-level object handling functions." (Wikipedia) According to a recent Java developer survey, Hibernate was ranked as the 2nd most popular Java framework.
InfoSec Mentors: #BSidesLV Needs You
One of the coolest things about Security B-Sides, in my opinion, is the effort that goes into giving industry newbies a hand up. The BSides Las Vegas Proving Ground Speaker Development Program is a powerful example of that. And the organizers need your help.
NTP Reflection Attacks
Yesterday we saw the news outlets light up with breathless reports of a massive distributed denial of service that was directed at the boutique company, Cloudflare. There was much ado about the volume of the attack peaking at 400 Gbps according to the numbers released by them. But, was this little more than hyperbole? This would not be without precedent.
Podcast: Brian Bourne and SecTOR
Welcome to the Akamai Security Podcast. I'm your host, Bill Brenner. This week I finish off a series on volunteers in the security community -- particularly those who organize and volunteer at security conferences around the world. My guest is Brian Bourne, co-founder of the Security Education Conference in Toronto, more popularly known as SecTor. Bourne is also president of CMS Consulting Inc. Listen to the episode HERE.Hear more episodes
Patch Tuesday Revision
Microsoft's patch Tuesday has arrived and further to our post from Feb 7th there have been a couple updates for the release this month. The revised bulletin contains two additional patches which address remote code execution issues in Internet Explorer and the Windows operating system.Find out how Akamai can help you with your patch management via origin offload.
ShmooCon Presentations Now Available
Last month I was fortunate enough to attend the annual ShmooCon security conference in Washington DC. I wrote as much as I could, but in the end there's no substitute for seeing the full, raw presentations. With that in mind, I'm happy to let you all know the video recordings are now available. Check out the full archive HERE.
Security Conference Locators
We're often asked where people should go to find out about security conferences scheduled for the coming year. It's a question I've had as well, and during a recent project to prioritize which events Akamai staff should attend and how much free stuff to give out in our travels, I managed to find some good resources.
Top Tweets of the Week: 1/31 - 2/7
It's that time of week again - time for the top tweets of the week! What happened this week? The Olympics in Sochi kicked off, someone reviewed our brand new State of the Internet App and we were nominated as one of the "Most Admired Public Technology Company" in Massachusetts. Want to learn more? Read this week's edition of "Top Tweets of the Week.
Microsoft's February Patch Load
Patch Tuesday is an important calendar item for Akamai customers, given how dominant Windows machines are in many companies. What follows is a preview of Microsoft's February 2014 Security Update.
Cloud Management & Brokering
Cloud platforms, such as Amazon AWS, are extremely powerful tools in getting hardware up and running. However, maintaining a scalable and reliable system in the cloud is still quite complicated, and requires a fair bit of effort. In this video Gary Ballabio, Director of Enterprise Products at Akamai, explains some of the challenges involved, how Cloud Management tools play into it, and how Akamai fits into the picture.
Preview: Akamai.com's New Security Section
In recent months I've told you about the new security section we've been developing for the Akamai website. We're adding the finishing touches, and it's time for a preview.
Podcast: Joshua Marpet and InfoSec Activism
Air Comm Networks CTO Joshua Marpet discusses the importance of volunteering at security conferences and what kind of role he plays at such events. He also talks about the growing family atmosphere at the conferences -- including the steady increase in activities for children.Listen to the episode HERE.
STEM Professions - Share your Passion!
I recently attended an Akamai Women's Forum where Tom Leighton (Akamai co-founder & CEO) and Jim Gemmell (Chief HRO) came to discuss diversity in Akamai. Jim talked about the overall availability of STEM (Science, Technology, Engineering and Mathematics) candidates, and it made me reminisce about how I got interested in a technology career.
CanSecWest Vancouver and PWN2OWN 2014
All our attention may be on RSA and BSidesSF right now, but it's worth noting that the 14th annual CanSecWest conference will be held shortly after, from March 12-14 at the Sheraton Wall Centre Hotel in downtown Vancouver, British Columbia.
Will a Cost on Carbon Darken our Cloud?
A cost on carbon is looming in the U.S. as urgency to address climate change intensifies. What are the implications of this for our energy-hungry Cloud industry? California implemented a cap and trade program in 2012 introducing a market-based price tag on carbon pollution(1), currently at $13 per ton. A bill in the U.S. Senate, the Climate Protection Act, would establish a fee on manufacturers, producers and importers of carbon-emitting substances.