Akamai Diversity

The Akamai Blog

As you may have heard, Akamai recently introduced a new product, Bot Manager. I've been working at Akamai for close to 10 years and, in my past roles here (Technical Support Engineer, Enterprise Architect), I've had the opportunity to work closely with many customers who had issues with bots. Generally, this was about protecting the site against "bad bots" but also making sure that "good bots" were not impacted by any of the mitigation techniques. 

Hackers vs. Media

We're used to hearing about cyber attacks against financial institutions and retailers. But another industry faces a growing threat: Media.

Digital media publishers strive to provide meaningful content and a user experience that will grow a dedicated base of content consumers. This allows the publisher to partner with and provide services to marketing and advertising concerns to build cash flow that can be used to further enhance the experience for content consumers.

4 Critical Focus Areas

During a recent business trip, I had the opportunity to finally see Adam McKay's wonderful portrayal of the horror that was the 2008 financial crisis - "The Big Short." Christian Bale, Ryan Gosling and Steve Carell brought me right back to that time, not so long ago, when we all witnessed the fall of major Wall Street firms and the destruction caused by the sub-prime mortgage boom.

GDC is here, and Akamai is... there.

Now is the time to stop by the Akamai booth at GDC. We've got an interactive demo that will surprise you. We've also got several games experts at the booth who can discuss what we've done to help some of the biggest games on the planet.

The Akamai Media team is hard at work putting together a completely new experience for you at NAB this year - you'll actually be able to walk through an OTT workflow and see firsthand what Akamai is doing to help you get your content and media files online faster, for delivery to bigger audiences at the highest quality. Stay tuned for more exciting details as the show approaches.

One of the important, and more interesting, use cases of Network Function Virtualization (NFV) and Software Defined Networking (SDN) is CORD.

CORD stands for Central Office Re-architected as Datacenter.  It "combines NFV, SDN, and the elasticity of commodity clouds to bring datacenter economics and cloud agility to the Telco Central Office" according to the CORD website.  It is an initiative that was started by AT&T and Open Networking Lab (ON.Lab) almost two years ago now.  

Scraper and Bot Series - When Good Bots Go Bad

By Bill Brenner, Akamai SIRT Senior Tech Writer

Akamai this week launches the first in a series about bots and scrapers, based on continued research by Akamai's Security Intelligence Research Team (SIRT). In the first installment, we discuss the various types of bots and scrapers that we have encountered, and how you may want to react to each. This paper will mainly focus on the known "good bots", -- traffic that is encouraged because it can be helpful to a business.

Games Industry Leaders Speak About Player Experience

Whenever I'm at a games event, I try to start debates. My go-to firestarter is the topic of whether or not we're doing everything we can to make the player experience better. Some people insist that players don't care, and will put up with anything. Others argue that gameplay is king. Still others (close to my heart) suggest that there are many places where the player experience could be made better.

We've always known that you never get a second chance to make a first impression and it couldn't be truer than it is with mobile financial services. It takes less than two-tenths of a second for an online visitor to form a first opinion of your brand, and as noted in Akamai's recent whitepaper "Digital Transformation, Millennials and the Future of Financial Services", 52% of mobile financial services customers expect pages to load in two seconds or less, while 23% expect instant page load. Consumer's high expectations for mobile financial services, coupled with the rise of digitally native competition, mean the stakes have never been higher for banks and insurers looking to acquire new customers. When banks and insurers get this right and delight customers with exceptional digital experiences, it becomes much easier to sell additional products, prove value, and create loyal customers. Loyal customers are the ultimate nirvana for financial institutions because the added cost of selling another product to an existing customer is often only about ten percent of the cost of selling that same product to a new customer.

Here are a few things to keep in mind to ensure that your customer remains central to your mobile strategy.

3/8/16 UPDATE:  Akamai continues to harden systems against the DROWN vulnerability (CVE-2016-0800), which exploits legacy encryption protocols in order to compromise keys that secure modern protocols, like TLSv1.2. (It does not leak the SSL/TLS keys themselves.) 

We have taken the necessary steps to protect both our customer-facing and critical internal systems from this vulnerability as of March 1, 2016.  We will continue to identify and patch non-critical systems on an as-needed basis.

The Decrypting RSA with Obsolete and Weakened eNcryption attack, described here, allows an adversary to compromise secrets from modern-TLS connections if any machine will accept SSLv2 connections using the same key & certificate.

Our secure delivery services are not vulnerable to DROWN. Individual customers have the option to enable SSLv2 for their own sites. Doing so would expose that customer's connections to DROWN.

While Akamai secure delivery provides protection, customers are still advised to verify that the origin servers they operate themselves do not use SSLv2. If they do have to use SSLv2, they should not do so using the same key & certificate as would be used for more secure connections.

The vulnerability is getting attention from such media outlets as The Register and Ars Technica.

The official DROWN web page calls this "a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security." Attackers can exploit it to break the encryption and read or steal sensitive communications such as passwords, credit card numbers, trade secrets, or financial data. The researchers estimate that 33% of all HTTPS servers are vulnerable to the attack.

If you have any questions or concerns regarding this vulnerability and your Akamai services, please use our Community post dedicated to the subject, or contact your Akamai Representative or Customer Care.

If our investigation uncovers additional risks, we will provide follow-up blog posts, Akamai Community posts, and Luna Portal advisories to update customers on how we are affected and what we're doing about it.