Akamai Diversity

The Akamai Blog

December 2015 Archives

Akamai

Akamai

December 29, 2015 11:45 AM

Akamai at CES 2016

The Akamai Media Delivery team is looking forward to seeing you at CES 2016! One of the major themes we expect to hear a lot about at CES this year is OTT, or Over-The-Top delivery of premium video content over the internet, without the accompanying ownership of the distribution network.

Rich Bolstridge

Rich Bolstridge

December 23, 2015 11:11 AM

Fingerprint Banking: Will convenience overcome secur ...

"Fingerprint banking", or the ability to conduct financial transactions from your phone with your fingerprint, without the need for a username and password, has quickly become a mainstream feature in banking apps around the globe. But will this new feature convince mobile holdouts - those customers that don't trust mobile banking - to cross over? Or will it further scare them away?

Miguel Serrano

Miguel Serrano

December 21, 2015 2:07 PM

WAF: Ease of management

In my last articles I introduced the idea of how simple is the concept of a WAF (although implementing a reliable WAF system is not that simple), what are false positives and false negatives and the best approach to trade-off between them, what is the impact of wide visibility when it comes to build a WAF, the importance of having a solid team of experts backing up a WAF solution,

Akamai

Akamai

December 18, 2015 1:13 PM

2015 Black Friday traffic spikes 109 percent over av ...

The 2015 holiday shopping period lifted off with a bang, setting revenue records for the Thanksgiving weekend and indicating strong revenue trends for the holiday season. Data from Akamai Retail Net Usage Index, a tool which monitors the company's retail customers' real-time website traffic in page views per minute, supported this trend, as the average page views per minute over the five-days was nearly 70 percent above the baseline. In

Miguel Serrano

Miguel Serrano

December 18, 2015 11:18 AM

WAF: Adequate scale

Let's move on with our analysis of the ideal WAF requirements. Scale is, without a doubt, one of the most important requirements of an effective WAF. Scale has to be considered from two perspectives: under standard traffic conditions and under unusually high levels of traffic. Let's look at each one.

Martin McKeay

Martin McKeay

December 18, 2015 10:27 AM

How 2015 Security Trends Will Influence 2016

I've always hated security 'predictions'; they range from scientific guesses to self-serving marketing drivel, trending mostly towards the latter. But they do serve a purpose when done right, in that they draw attention to the trends currently happening and how they might play out in the future. Given that there's been more focus on the field of computer security in 2015 than in any year before, it's probably not a

Akamai

Akamai

December 17, 2015 1:13 PM

The Travel Challenge - Enabling The User Experience

Two weeks ago key players in the travel industry gathered from around the world to discover, debate and capitalize on the latest trends and opportunities in travel at the PhocusWright Conference in Fort Lauderdale. One of the hottest topics on the agenda was how to improve the travelers' experience from booking to actually traveling - and how important mobile is to that process. While mobile devices generate 25 percent of

Akamai

Akamai

December 17, 2015 11:18 AM

CDNs, Performance and Monitoring - Part 2: KPIs to m ...

In my previous blog, I showed how seriously the performance of your website can be affected by your CDN, even though many don't include it in their monitoring strategy. To enable you to improve your performance tuning and rapid troubleshooting, you must monitor your CDN along with the rest of your systems and do so effectively. In this blog I'll show you how to do just that.

Eric Fullerton

Eric Fullerton

December 16, 2015 2:22 PM

Winning Web Performance Part 2 - Achieving Faster, P ...

Earlier you had to choose, should you personalize or cache everything... we wanted to do both. -- Fredrik Ahlen (CTO) The business decision had been made. Fredrik Ahlen (CTO) and Patrik Wallin (Lead Developer) of Health & Sports Nutrition Group (Gymgrossisten) were going to undergo a personalization overhaul to increase conversion rates. This meant personalizing nearly everything -- category pages, product pages, product recommendations and more. It was up to

Miguel Serrano

Miguel Serrano

December 16, 2015 11:07 AM

WAF: Threat Intelligence, the brain behind the machi ...

First time I jumped into a plane I was around 10 or 12 years old. The crew, moved by my innocent face and my dazzle, gave me a great gift: they allowed me to enter into the cabin where the pilot was commanding the flight. This is what I saw:

Akamai

Akamai

December 15, 2015 10:48 AM

Mobile surges ahead driving a record start to the ho ...

Retailers can look back on the start of this holiday season and breath a sigh of relief that all signs point to another strong holiday season. According to figures released by Adobe, Cyber Monday closed with $3.07 billion in sales setting a new single day sales record. Black Friday also set records and marked the highest spike over the five-day shopping weekend with a 109 percent jump in traffic, according

Akamai

Akamai

December 14, 2015 2:34 PM

What I've learned from monitoring four years of web ...

Every six months I take a look at a handful of key stats from the HTTP Archive -- a fantastic repository of historical data around the size and composition of half a million of the most-visited websites in the world -- and I benchmark them against the previous six months.

Miguel Serrano

Miguel Serrano

December 14, 2015 1:39 PM

WAF: Visibility into attacks and adaptability to cha ...

In previous posts WAF: False Positives vs. False Negatives and WAF: trade-off between false positives and false negatives, we talked about the importance of WAF accuracy and the strategy that Akamai follows when developing the system of proprietary rules (Kona Rule Set or KRS) that govern the WAF.

Or Katz

Or Katz

December 14, 2015 11:38 AM

Playing Hide and Seek In the Cloud

When we were young, we had fun playing hide and seek. As 5 year olds there were a limited number of places our friends could hide, and we could methodically check each one and then giggle when we found them. As we grew older, we expanded the boundaries of the game. Today, as security researchers, hide-and-seek is no longer so fun because the boundaries are nearly infinite. How do you

Miguel Serrano

Miguel Serrano

December 11, 2015 11:38 AM

WAF: trade-off between false positives and false neg ...

In the previous article, we introduced, arguably, the most important metric to measure WAF quality (in subsequent entries we will talk about WAF performance). But we left one question flying in the air: How can we achieve that our WAF rules provide a virtually null False Positive rate, keeping at the same time a very low percentage of False Negatives?

Akamai

Akamai

December 10, 2015 11:12 AM

Web Security in Healthcare Matters

It's hard to miss all the media attention surrounding data breaches in healthcare. If you're involved in information security at a healthcare organization, it's no surprise to you that more than 143 million individuals have been affected by data breaches since HHS started tracking incidents in September 2009.

Miguel Serrano

Miguel Serrano

December 9, 2015 1:47 PM

WAF: False Positives vs. False Negatives

I said in my last article that one of the key factors when it comes to judging the effectiveness of a WAF is accuracy. There is a metric that, measured in an objective way, provides an unmistakable view of quality and accuracy of a WAF solution: false negatives and false positives.

John Bishop

John Bishop

December 9, 2015 6:17 AM

Defining OTT Webinar Series

All indications are that Over-the-Top (OTT) video services will attract larger audiences, be delivered at higher bit rates, and provide viewers with more entertainment options than ever before, all of which can further complicate your already complex media strategy.Please join me on Wednesday, December 9th at 2PM ET/11AM PT as we define and discuss the rapidly shifting OTT 2.0 landscape. Whether you've already launched a new OTT service or

Bill Brenner

Bill Brenner

December 8, 2015 6:33 AM

Now Available: Q3 State of the Internet Security Rep ...

The Q3 2015 State of the Internet Security Report is now available for download at www.stateoftheinternet.com/security-report. Among the highlights: a continued upward trend in DDoS attacks, and attacks fueled by the easy availability of DDoS-for-hire sites that identify and abuse exposed Internet services, such as SSDP, NTP, DNS, CHARGEN, and even Quote of the Day.

Eric Fullerton

Eric Fullerton

December 7, 2015 12:47 PM

Winning Web Performance - Takeaways from Akamai Edge ...

At the Akamai Edge Conference some of the world's biggest, most innovative brands shared ways they move their online businesses faster forward using Akamai. In a multi-part blog post series, we'll be sharing the most valuable lessons learned in the Web Performance space.

Miguel Serrano

Miguel Serrano

December 7, 2015 10:38 AM

WAF. Under myth-busters' scrutiny.

Tangina Barros, the medium in the Poltergeist film series, taxes and Internet security. These three things have in common that they scare, they intimidate and they may keep you awake at night. With regards to the first two topics, the only thing I can do is remember that Poltergeist is just a movie, seriously, just a movie (I keep saying that to convince myself, quite unsuccessfully, though) and that

Akamai

Akamai

December 3, 2015 11:16 AM

Web Security Lacking at Hospitals

While hospitals are ramping up security efforts to protect information, a large percentage of them are vulnerable to attacks on their web sites. Less than two-thirds of hospitals participating in a recent survey reported having on-premise web application firewalls in place, and fewer than half reported having defenses in place to thwart distributed denial of service (DDoS) attacks. Read more here.

Or Katz

Or Katz

December 2, 2015 1:36 PM

Last of OWASP's Top 10 Still a Potent Threat

Open redirection is the last item on the OWASP Top 10, and it is considered a Web application functionality that can be used by attackers to redirect users from trusted domains to untrusted domains. But it is a potent problem, as Akamai's Threat Research Team discovered in their research on an unusual malicious SEO attack campaign that abused Web applications' open redirect functionality.

Larry Cashdollar

Larry Cashdollar

December 2, 2015 9:24 AM

Developing a PoC Step by Step

I've received numerous questions about how I found so many Wordpress plugin vulnerabilities and how to write the exploits that were essential to the research.  I'll be honest, it's not hard if you have some experience in php programming and basic knowledge of secure programming.  To simplify things, we will narrow down certain traits of what plugins to examine.