The Akamai Blog

Meet Akamai's Security Intelligence Response Team

Written by Bill Brenner, senior tech writer in the Akamai SIRT

Akamai has officially launched a new Security Intelligence Response Team that combines the resources of Akamai's CSIRT and Prolexic's PLXsert teams, further integrating Prolexic and Akamai security research.

Akamai SIRT is a dedicated group of cyber threat researchers, analysts and incident responders that monitors malicious cyber threats globally and analyzes these attacks using proprietary techniques and equipment. 

Through research, digital forensics, and real-time and post-event analysis, Akamai SIRT is able to build a global view of security threats, vulnerabilities, tactics, techniques and procedures (TTPs), as well as trends, which are shared with customers and the security community. This further enables Akamai to protect customers from a wide variety of attacks ranging from abuse to scrapers to data breaches to hijacking to distributed denial of service. By identifying the sources and associated attributes of individual attacks, along with expert analysis to identify and mitigate security threats and vulnerabilities, Akamai SIRT helps organizations make more informed, proactive decisions.

As part of that mission, Akamai SIRT maintains close contact with peer organizations around the world, trains Akamai's security teams to recognize and counter attacks from a wide range of adversaries, acts as subject matter experts for customers under attack, and keeps customers and the security community informed by conducting briefings, issuing advisories, publishing threat intelligence, and producing Akamai's State of the Internet Security Report.

The Akamai SIRT protects customers and the broader public by applying security research, intelligence analysis, and Akamai's unique visibility into Internet threats. 

Akamai SIRT publishes its research in the following places:


1 Comment

Please forward this message to Bill Brenner / Akamai SIRT team

Hello SIRT-Team,

We run a Honeynet and part of it simulates vulnerable ElasticSearch installations, catching a lot of exploit attempts and malware from For 2 weeks now we're seeing also a lot of exploits against tomcat/jboss but weren't able to determine which vulnerability was triggered.

Currently we are analyzing the malware and C&C infrastructure and I wonder if you are interested in data exchange / collaboration.

I've seen your latest analysis (XOR-DOS, see link below) and think our findings would fit in that picture