Akamai Diversity

April 2018 Archives

Who is doing what on your network?

Over the past few months, while talking to customers, the topic of Zero Trust Architecture keeps coming up. Seemingly everyone is thinking of implementing the model - which we fully encourage! One of the core components of the principle is the ability to inspect and log all network and system traffic. This often leads me to highlight how Akamai's Enterprise Application Access (EAA) solution provides visibility for our customers into the number of third-party contractors connecting into their infrastructure - insight often unavailable with traditional access solutions. With a traditional access solution, contractors are allowed into the network by configuring a VPN and establishing an SSH session or exposing devices/appliances in the DMZ.

Addressing the Availability of the ACAEngine

In my experience as a Solutions Engineer, I've seen many companies strive for 100% uptime of enterprise applications. However, this is a goal that cannot happen by itself. Careful thought must be put into the underlying architecture that delivers these critical enterprise applications.

Take a Tour of New Routed Dashboard

As a product manager, there are few things more rewarding than finally putting your product into the hands of your customer for the first time. We've been working on the new Routed Dashboard for some time, and I've personally spoken to many of you in terms of what would make our new interface more intuitive, more powerful, and frankly, more useful to you in understanding what Akamai is doing to protect your applications and infrastructure. A picture is worth a thousand words, so rather than continue typing, I wanted to take you on a video tour of the new Routed Dashboard. Enjoy.

Actionable Threat Intelligence, Tailored to You

We are very excited to be launching the next generation of our Client Reputation product. This update takes Client Reputation a huge step further in providing our customers with truly actionable intelligence tailored for them. It computes an even better assessment of the real risk that every individual client device presents to the customer. We now enable significantly greater visibility into the activity performed by those clients on both their websites as well as across the entire Akamai platform.

Traditional RUM products make use of APIs (Navigation-Timing, Resource-Timing, etc.) built into browsers to help measure the performance characteristics of the loading of a web page. That is, they do their best to quantify the work required by the browser when rendering a web page.

Akamai 2018 Spring Release, In A Nutshell

Progressing Towards Our Future in The Cloud, Together

As organizations continue to fuel and execute on their digital transformation ambitions, they're increasingly finding significant business agility and cost savings by adopting cloud, multi-cloud, or hybrid architectures. Availability, security, and maximization of user experience are the top goals for organizations adopting these architectures.

However, the "availability" promise of your cloud infrastructure may not necessarily extend to a promise of "accessibility" of workloads, applications, and data for every single end user, regardless of their device, network, or global location.

The truth is...you need both!  A cloud infrastructure optimized for high availability combined with a cloud delivery platform optimized for security, high accessibility, and performance. 

Akamai's comprehensive and integrated intelligent cloud delivery platform has been serving as a crucial foundation for our customers' growing digital businesses by helping them deliver the amazing digital experiences their end users expect.

TLS 1.3 support is coming this spring

While March brings NCAA Madness, this year it also brought TLS 1.3, which will be coming to all Akamai customers soon!  Let's give some background.

Perception Matters: Making RUM More Real

Traditional nav timing metrics have given us a lot in the way of understanding how our pages and apps are performing, but as users' expectations rise and page complexity grows, you need to really understand how users are perceiving the performance of your website beyond traditional page load timing. The goal of the new perceived performance metrics is to capture other important aspects of your visitor's overall experience during page load and beyond.

Introducing Web Security Analytics

Every security team knows that the success of any security product relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application, or worse - legitimate traffic being blocked. In addition, it can result in noisy false positive security events, which can eventually mask real attacks from being detected and blocked.

You can't manage what you can't measure. As devices grow in capacity and innovations allow us to do more with web apps, the complexity of our pages has grown, too. It becomes a balancing act to increase functionality while maintaining a performant and responsive site. Just like a great recipe, too much of any one ingredient can throw it off.

Attracting and retaining customers lies in your ability to offer an exceptional digital experience. Now that digital channels are increasingly preferred over channels of the past, the climate is increasingly competitive -- and businesses are fighting to maintain loyalty and keep users engaged online. The cost of switching is low, consumers are transient, and user expectations for how digital experiences should perform have never been higher.

So how do you beat out your competition to attract and retain more customers? Every advantage you can get matters, and it's important to start with a baseline of understanding using the right measurements and real user data.

What's New with Prolexic

There have been two constants in DDoS over the last 10+ years: an ever-changing threat landscape and continuous growth in attack sizes. Akamai's Prolexic platform has stood the test of time, but we are continuing to invest in ways to make our customers' experience more valuable and relevant. I'm excited about the things we are doing to stay ahead of the curve, and I want to share a few of the developments that are in motion today as we invest to make it the largest, most advanced and effective DDoS mitigation platform available anywhere. But first, a recap...

Akamai continues to build a zero trust ecosystem by integrating its Enterprise Application Access (EAA) with Duo's Multi-Factor Authentication (MFA) solution. Duo now natively integrates into EAA and augments access with push-based MFA, phone call delivery of MFA tokens, and additional device level checking. With the joint Akamai-Duo solution, organizations can begin adopting a zero trust security model. They can reduce dependencies on the network perimeter for access and enforce strong authentication and authorization for all users and devices, thereby preventing attackers with stolen credentials or devices with a weak security posture from accessing applications.

Part 2: The Dark Side of APIs

Ryan Barnett, Principal Security Researcher, Akamai

Elad Shuster, Senior Security Researcher, Akamai

During its research into Credential Abuse attack campaigns, Akamai's threat research team conducted an analysis of web logins to gain insights into how widespread the adoption of API-based logins is and whether or not this trend also affects attackers and attack campaigns. It will come as no surprise that API-based logins are highly targeted by credential abuse attackers for a variety of reasons.

 

In a previous blog post, we described how the DNS protocol, mainly designed for hostname-to-IP-address resolution, can be abused for arbitrary data exchange. Based on throughput (i.e., bytes per hour), we distinguish between two classes of data exchange over the DNS protocol.

It is understood that there is a significant amount of complexity to securing today's enterprise, especially as more services and applications move to the cloud and a Zero Trust security model is employed.  We at Akamai are actively engaged in helping enterprises adjust to a Zero Trust security model and the approach that every user, network access point, and location should be treated the same and not trusted. 

Coin Mining Malware and What Akamai Can do About It

It has been a busy few months for crypto-mining!  The advent of cryptocurrency[1] has resulted in a rollercoaster ride of interest in the last 18 months, with millions of people making and losing millions in physical currency. Through all of this, cryptocurrency has been a heavy target for cybercriminals because there is much money to be made, and it's not that difficult to exploit the many exchanges that have recently popped up. Hidden within all the excitement though, there are some unwanted side effects of crypto-mining that you and your business should be aware of. I'll start with simple definitions, lead to how crypto-mining works, and finish out with what these unwanted side effects are, how they may affect you, and what Akamai can do to help.

Universal Plug and Play (UPnP): What you need to know

Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these flaws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and malware distribution.

Readers must be aware that this is an active vector currently in use to conceal the traffic of attackers. The location of the origin of the traffic is effectively hidden by using vulnerable devices as proxies. Carriers and ISPs need to be aware of the vulnerability, as end users and customers may appear to be hosting content or the source of attacks when the responsible party is actually behind one or several layers of compromised routers. Law enforcement officers should be advised that, similar to other types of proxies, UPnProxy has the potential to make their jobs harder by adding another layer of obfuscation to traffic from criminal actors.

Read the full research paper

The Dark Side of APIs: Part 1, API Overview

Ryan Barnett, Principal Security Researcher, Akamai

Elad Shuster, Senior Security Researcher, Akamai

 

API Overview

Application Programming Interfaces (API) are a software design approach which enables software and system developers to integrate with other systems based on a defined set of communication methods. APIs serve as software building blocks and allow for software reuse - essentially allowing fast development of new systems based on existing capabilities.

How smart is my smart TV?

Some weeks ago, my friend asked me the headlining question while we were having a random argument about electronics. I found it to be an interesting one, particularly because it underlines the current mindset towards security of electronic devices communicable over computer networks.