Akamai Diversity

The Akamai Blog

Akamai and Snyk Partnership Creates a Powerful Combination for In-Browser Script Protection

A web experience begins with the sum of the code you created. But it also includes all the code the user is put in contact with when loading your website. This means the attack surface to monitor for web application software threats is not just your code repositories, but the sum of the assets real users encounter from the entire web application supply chain. This includes your codebase, open-source libraries used as dependencies (e.g., npm packages), third-party scripts loaded via script tags, and more.

The supply chain incorporates services and apps for a range of business and user experience requirements. An ever-changing and evolving set of third-party scripts provides in-browser services used to optimize the user experience, fill out forms, and process customer payments. In such a personalized environment, sorting out good interactions from bad requires rigorous script monitoring, solid script intelligence, and an environment designed to visualize, analyze, and mitigate unwanted activity.

A new partnership between Akamai and Snyk brings the power of Snyk's vulnerability database to that constantly shifting front-end attack surface. Via Akamai's Page Integrity Manager, developers and web protectors are enabled to have a complete view of the vulnerabilities powering their real-user experiences.

Akamai's Page Integrity Manager is expanding vulnerability coverage and information by leveraging the SnykIntel Vulnerability Database to determine what vulnerabilities exist in front-end assets loaded by real users and to include key vulnerability details from the Snyk database within the product user experience.

Akamai's Page Integrity Manager currently provides script intelligence information from other open-source vulnerability databases. To complement those sources, Snyk provides a wider range of vulnerabilities (non-CVE) data and uniquely rich CVE details for better understanding and mitigations. Snyk's vulnerability reports include unique content, such as PoC examples to be able to reproduce vulnerability exploits, and information about the different attack vectors that can leverage the vulnerability and mitigation tactics.  As a first step, Akamai will include a link to Snyk vulnerability reports for relevant CVEs detected in real-user sessions. Customers can easily click through specific detected vulnerabilities in real time to get enriched data.

Security_Blog_Day3.pngAkamai has embraced and invested in bringing to market an industry-leading, PCI-compliant, web skimming protection product in Page Integrity Manager. Page Integrity Manager focuses on script execution behavior with unprecedented visibility into the runtime environment; it collects information about the different scripts that run in the web page, each action they take, and their relation to other scripts in the page. Pairing this data with our multilayered detection approach -- leveraging heuristics, risk scoring, AI, and other factors -- allows Page Integrity Manager to detect different types of client-side attacks, with a high focus on data exfiltration and web skimming attacks.

Adding Snyk's industry-defining vulnerability database to Page Integrity Manager's arsenal makes it one of the most comprehensive and effective script protection solutions available today.

To learn more about Akamai Page Integrity Manager and Snyk go to www.akamai.com/PIM and www.snyk.io.

There will be more opportunities to engage with us on this and more at Edge Live | Adapt. Sign up to see how customers are leveraging these improvements, engage in technical deep dives, and hear from our executives how Akamai is evolving for the future.