Akamai Diversity

The Akamai Blog

Recently by Miguel Serrano

Miguel Serrano

Miguel Serrano

October 13, 2016 10:49 AM

Who is cyber-attacking my country?

You. And if not you, surely some of your fellow compatriots are. With a notable exception, but I'll come to this later in the article. For forensic purposes, determining the origin country IPs involved in DDoS attacks ­-called 'zombies'- helps to determine who and where the victim is, but tells nothing about the location where the actual attacker sits, since those zombies, usually well distributed geographically speaking, have been infected

Miguel Serrano

Miguel Serrano

June 23, 2016 11:15 AM

How real can fiction become?

It is interesting to see how fiction can affect our judgement or, at least, our opinions. Below, what you have is an excerpt (the first chapter) of a draft of a novel that I have come across and made me think a lot. Bear with me: read this entire article and then come back to this post. If nothing else, you may enjoy 4 minutes of literature.

Miguel Serrano

Miguel Serrano

December 21, 2015 2:07 PM

WAF: Ease of management

In my last articles I introduced the idea of how simple is the concept of a WAF (although implementing a reliable WAF system is not that simple), what are false positives and false negatives and the best approach to trade-off between them, what is the impact of wide visibility when it comes to build a WAF, the importance of having a solid team of experts backing up a WAF solution,

Miguel Serrano

Miguel Serrano

December 18, 2015 11:18 AM

WAF: Adequate scale

Let's move on with our analysis of the ideal WAF requirements. Scale is, without a doubt, one of the most important requirements of an effective WAF. Scale has to be considered from two perspectives: under standard traffic conditions and under unusually high levels of traffic. Let's look at each one.

Miguel Serrano

Miguel Serrano

December 16, 2015 11:07 AM

WAF: Threat Intelligence, the brain behind the machi ...

First time I jumped into a plane I was around 10 or 12 years old. The crew, moved by my innocent face and my dazzle, gave me a great gift: they allowed me to enter into the cabin where the pilot was commanding the flight. This is what I saw:

Miguel Serrano

Miguel Serrano

December 14, 2015 1:39 PM

WAF: Visibility into attacks and adaptability to cha ...

In previous posts WAF: False Positives vs. False Negatives and WAF: trade-off between false positives and false negatives, we talked about the importance of WAF accuracy and the strategy that Akamai follows when developing the system of proprietary rules (Kona Rule Set or KRS) that govern the WAF.

Miguel Serrano

Miguel Serrano

December 11, 2015 11:38 AM

WAF: trade-off between false positives and false neg ...

In the previous article, we introduced, arguably, the most important metric to measure WAF quality (in subsequent entries we will talk about WAF performance). But we left one question flying in the air: How can we achieve that our WAF rules provide a virtually null False Positive rate, keeping at the same time a very low percentage of False Negatives?

Miguel Serrano

Miguel Serrano

December 9, 2015 1:47 PM

WAF: False Positives vs. False Negatives

I said in my last article that one of the key factors when it comes to judging the effectiveness of a WAF is accuracy. There is a metric that, measured in an objective way, provides an unmistakable view of quality and accuracy of a WAF solution: false negatives and false positives.

Miguel Serrano

Miguel Serrano

December 7, 2015 10:38 AM

WAF. Under myth-busters' scrutiny.

Tangina Barros, the medium in the Poltergeist film series, taxes and Internet security. These three things have in common that they scare, they intimidate and they may keep you awake at night. With regards to the first two topics, the only thing I can do is remember that Poltergeist is just a movie, seriously, just a movie (I keep saying that to convince myself, quite unsuccessfully, though) and that