Akamai Diversity

The Akamai Blog

April 2018 Archives

Benny Tan

Benny Tan

April 25, 2018 2:49 PM

Who is doing what on your network?

Over the past few months, while talking to customers, the topic of Zero Trust Architecture keeps coming up. Seemingly everyone is thinking of implementing the model - which we fully encourage! One of the core components of the principle is the ability to inspect and log all network and system traffic. This often leads me to highlight how Akamai's Enterprise Application Access (EAA) solution provides visibility for our customers into

Jano van Deventer

Jano van Deventer

April 20, 2018 11:48 AM

Addressing the Availability of the ACAEngine

In my experience as a Solutions Engineer, I've seen many companies strive for 100% uptime of enterprise applications. However, this is a goal that cannot happen by itself. Careful thought must be put into the underlying architecture that delivers these critical enterprise applications.

Craig Sparling

Craig Sparling

April 16, 2018 6:00 AM

Take a Tour of New Routed Dashboard

As a product manager, there are few things more rewarding than finally putting your product into the hands of your customer for the first time. We've been working on the new Routed Dashboard for some time, and I've personally spoken to many of you in terms of what would make our new interface more intuitive, more powerful, and frankly, more useful to you in understanding what Akamai is doing

Tsvika Klein

Tsvika Klein

April 16, 2018 6:00 AM

Actionable Threat Intelligence, Tailored to You

We are very excited to be launching the next generation of our Client Reputation product. This update takes Client Reputation a huge step further in providing our customers with truly actionable intelligence tailored for them. It computes an even better assessment of the real risk that every individual client device presents to the customer. We now enable significantly greater visibility into the activity performed by those clients on both their

Charles Vazac

Charles Vazac

April 16, 2018 6:00 AM

How You Get There Matters: "Middle-Mile" RUM to Driv ...

Traditional RUM products make use of APIs (Navigation-Timing, Resource-Timing, etc.) built into browsers to help measure the performance characteristics of the loading of a web page. That is, they do their best to quantify the work required by the browser when rendering a web page.

Vaishali Sangtani

Vaishali Sangtani

April 16, 2018 6:00 AM

Akamai 2018 Spring Release, In A Nutshell

Progressing Towards Our Future in The Cloud, Together As organizations continue to fuel and execute on their digital transformation ambitions, they're increasingly finding significant business agility and cost savings by adopting cloud, multi-cloud, or hybrid architectures. Availability, security, and maximization of user experience are the top goals for organizations adopting these architectures. However, the "availability" promise of your cloud infrastructure may not necessarily extend to promise "accessibility'" of workloads, applications,

Rich Salz

Rich Salz

April 16, 2018 6:00 AM

TLS 1.3 support is coming this spring

While March brings NCAA Madness, this year it also brought TLS 1.3, which will be coming to all Akamai customers soon! Let's give some background.

Lauren Younger

Lauren Younger

April 16, 2018 6:00 AM

Perception Matters: Making RUM More Real

Traditional nav timing metrics have given us a lot in the way of understanding how our pages and apps are performing, but as users' expectations rise and page complexity grows, you need to really understand how users are perceiving the performance of your website beyond traditional page load timing. The goal of the new perceived performance metrics is to capture other important aspects of your visitor's overall experience during page

Ori Kanfer

Ori Kanfer

April 16, 2018 6:00 AM

Introducing Web Security Analytics

Every security team knows that the success of any security product relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application, or worse - legitimate traffic being blocked. In addition, it can result in noisy false positive security events, which can eventually mask real attacks from being detected and blocked.

Lauren Younger

Lauren Younger

April 16, 2018 6:00 AM

The Recipe for Web Performance Starts with the Right ...

You can't manage what you can't measure. As devices grow in capacity and innovations allow us to do more with web apps, the complexity of our pages has grown, too. It becomes a balancing act to increase functionality while maintaining a performant and responsive site. Just like a great recipe, too much of any one ingredient can throw it off.

Anthony Larkin

Anthony Larkin

April 16, 2018 6:00 AM

Measure What Matters: Your Competitive Advantage May ...

Attracting and retaining customers lies in your ability to offer an exceptional digital experience. Now that digital channels are increasingly preferred over channels of the past, the climate is increasingly competitive -- and businesses are fighting to maintain loyalty and keep users engaged online. The cost of switching is low, consumers are transient, and user expectations for how digital experiences should perform have never been higher. So how do

Greg Burns

Greg Burns

April 16, 2018 5:00 AM

What's New with Prolexic

There have been two constants in DDoS over the last 10+ years: an ever-changing threat landscape and continuous growth in attack sizes. Akamai's Prolexic platform has stood the test of time, but we are continuing to invest in ways to make our customers' experience more valuable and relevant. I'm excited about the things we are doing to stay ahead of the curve, and I want to share a few of

Kristen Raybould

Kristen Raybould

April 13, 2018 8:00 AM

Akamai and Duo have announced a technology partnersh ...

Akamai continues to build a zero trust ecosystem by integrating it's Enterprise Application Access (EAA) with Duo's Multi-Factor Authentication (MFA) solution. Duo now natively integrates into EAA and augments access with push-based MFA, phone call delivery of MFA tokens, and additional device level checking. With the joint Akamai-Duo solution, organizations can begin adopting a zero trust security model. They can reduce dependencies on the network perimeter for access and enforce

Ryan Barnett

Ryan Barnett

April 13, 2018 7:00 AM

Part 2: The Dark Side of APIs

Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai During its research into Credential Abuse attack campaigns, Akamai's threat research team conducted an analysis of web logins to gain insights into how widespread the adoption of API-based logins is and whether or not this trend also affects attackers and attack campaigns. It will come as no surprise that API-based logins are highly targeted by credential abuse attackers

Asaf Nadler

Asaf Nadler

April 12, 2018 1:58 PM

Effectively Detecting Low Throughput and Malicious D ...

In a previous blog post, we described how the DNS protocol, mainly designed for hostname to IP addresses resolution, can be abused for arbitrary data exchange. Based on throughput (i.e., bytes per hour), we distinguish between two classes of data exchange over the DNS protocol.

Kristen Raybould

Kristen Raybould

April 11, 2018 9:24 AM

Climbing the Ladder: Zero Trust, Single Sign-On, Mul ...

It is understood that there is a significant amount of complexity to securing today's enterprise, especially as more services and applications move to the cloud and a Zero Trust security model is employed. We at Akamai are actively engaged in helping enterprises adjust to a Zero Trust security model and the approach that every user, network access point, and location should be treated the same and not trusted.

Randy D'Souza

Randy D'Souza

April 10, 2018 8:37 AM

Coin Mining Malware and What Akamai Can do About It

It has been a busy few months for crypto-mining! The advent of cryptocurrency[1] has resulted in a rollercoaster ride of interest in the last 18 months, with millions of people making and losing millions in physical currency. Through all of this, cryptocurrency has been a heavy target for cybercriminals because there is much money to be made, and it's not that difficult to exploit the many exchanges that have recently

Akamai SIRT Alerts

Akamai SIRT Alerts

April 9, 2018 10:30 AM

Universal Plug and Play (UPnP): What you need to kno ...

Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and

Ryan Barnett

Ryan Barnett

April 3, 2018 9:00 AM

The Dark Side of APIs: Part 1, API Overview

Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai API Overview Application Programming Interfaces (API) are a software design approach which enables software and system developers to integrate with other systems based on a defined set of communication methods. APIs serve as software building blocks and allow for software reuse - essentially allowing fast development of new systems based on existing capabilities.

Chinedu Egonu

Chinedu Egonu

April 2, 2018 8:28 AM

How smart is my smart TV?

Some weeks ago, my friend asked me the headlining question while we were having a random argument about electronics. I found it to be an interesting one, particularly because it underlines the current mindset towards security of electronic devices communicable over computer networks.