Get In Touch
April 2018 Archives
Over the past few months, while talking to customers, the topic of Zero Trust Architecture keeps coming up. Seemingly everyone is thinking of implementing the model - which we fully encourage! One of the core components of the principle is the ability to inspect and log all network and system traffic. This often leads me to highlight how Akamai's Enterprise Application Access (EAA) solution provides visibility for our customers into
In my experience as a Solutions Engineer, I've seen many companies strive for 100% uptime of enterprise applications. However, this is a goal that cannot happen by itself. Careful thought must be put into the underlying architecture that delivers these critical enterprise applications.
As a product manager, there are few things more rewarding than finally putting your product into the hands of your customer for the first time. We've been working on the new Routed Dashboard for some time, and I've personally spoken to many of you in terms of what would make our new interface more intuitive, more powerful, and frankly, more useful to you in understanding what Akamai is doing
We are very excited to be launching the next generation of our Client Reputation product. This update takes Client Reputation a huge step further in providing our customers with truly actionable intelligence tailored for them. It computes an even better assessment of the real risk that every individual client device presents to the customer. We now enable significantly greater visibility into the activity performed by those clients on both their
Traditional RUM products make use of APIs (Navigation-Timing, Resource-Timing, etc.) built into browsers to help measure the performance characteristics of the loading of a web page. That is, they do their best to quantify the work required by the browser when rendering a web page.
Progressing Towards Our Future in The Cloud, Together As organizations continue to fuel and execute on their digital transformation ambitions, they're increasingly finding significant business agility and cost savings by adopting cloud, multi-cloud, or hybrid architectures. Availability, security, and maximization of user experience are the top goals for organizations adopting these architectures. However, the "availability" promise of your cloud infrastructure may not necessarily extend to promise "accessibility'" of workloads, applications,
While March brings NCAA Madness, this year it also brought TLS 1.3, which will be coming to all Akamai customers soon! Let's give some background.
Traditional nav timing metrics have given us a lot in the way of understanding how our pages and apps are performing, but as users' expectations rise and page complexity grows, you need to really understand how users are perceiving the performance of your website beyond traditional page load timing. The goal of the new perceived performance metrics is to capture other important aspects of your visitor's overall experience during page
Every security team knows that the success of any security product relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application, or worse - legitimate traffic being blocked. In addition, it can result in noisy false positive security events, which can eventually mask real attacks from being detected and blocked.
You can't manage what you can't measure. As devices grow in capacity and innovations allow us to do more with web apps, the complexity of our pages has grown, too. It becomes a balancing act to increase functionality while maintaining a performant and responsive site. Just like a great recipe, too much of any one ingredient can throw it off.
Attracting and retaining customers lies in your ability to offer an exceptional digital experience. Now that digital channels are increasingly preferred over channels of the past, the climate is increasingly competitive -- and businesses are fighting to maintain loyalty and keep users engaged online. The cost of switching is low, consumers are transient, and user expectations for how digital experiences should perform have never been higher. So how do
There have been two constants in DDoS over the last 10+ years: an ever-changing threat landscape and continuous growth in attack sizes. Akamai's Prolexic platform has stood the test of time, but we are continuing to invest in ways to make our customers' experience more valuable and relevant. I'm excited about the things we are doing to stay ahead of the curve, and I want to share a few of
Akamai continues to build a zero trust ecosystem by integrating it's Enterprise Application Access (EAA) with Duo's Multi-Factor Authentication (MFA) solution. Duo now natively integrates into EAA and augments access with push-based MFA, phone call delivery of MFA tokens, and additional device level checking. With the joint Akamai-Duo solution, organizations can begin adopting a zero trust security model. They can reduce dependencies on the network perimeter for access and enforce
Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai During its research into Credential Abuse attack campaigns, Akamai's threat research team conducted an analysis of web logins to gain insights into how widespread the adoption of API-based logins is and whether or not this trend also affects attackers and attack campaigns. It will come as no surprise that API-based logins are highly targeted by credential abuse attackers
In a previous blog post, we described how the DNS protocol, mainly designed for hostname to IP addresses resolution, can be abused for arbitrary data exchange. Based on throughput (i.e., bytes per hour), we distinguish between two classes of data exchange over the DNS protocol.
It is understood that there is a significant amount of complexity to securing today's enterprise, especially as more services and applications move to the cloud and a Zero Trust security model is employed. We at Akamai are actively engaged in helping enterprises adjust to a Zero Trust security model and the approach that every user, network access point, and location should be treated the same and not trusted.
It has been a busy few months for crypto-mining! The advent of cryptocurrency has resulted in a rollercoaster ride of interest in the last 18 months, with millions of people making and losing millions in physical currency. Through all of this, cryptocurrency has been a heavy target for cybercriminals because there is much money to be made, and it's not that difficult to exploit the many exchanges that have recently
Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and
Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai API Overview Application Programming Interfaces (API) are a software design approach which enables software and system developers to integrate with other systems based on a defined set of communication methods. APIs serve as software building blocks and allow for software reuse - essentially allowing fast development of new systems based on existing capabilities.
Some weeks ago, my friend asked me the headlining question while we were having a random argument about electronics. I found it to be an interesting one, particularly because it underlines the current mindset towards security of electronic devices communicable over computer networks.