While March brings NCAA Madness, this year it also brought TLS 1.3, which will be coming to all Akamai customers soon! Let's give some background.
Get In Touch
Traditional nav timing metrics have given us a lot in the way of understanding how our pages and apps are performing, but as users' expectations rise and page complexity grows, you need to really understand how users are perceiving the performance of your website beyond traditional page load timing. The goal of the new perceived performance metrics is to capture other important aspects of your visitor's overall experience during page load and beyond.
Every security team knows that the success of any security product relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application, or worse - legitimate traffic being blocked. In addition, it can result in noisy false positive security events, which can eventually mask real attacks from being detected and blocked.
You can't manage what you can't measure. As devices grow in capacity and innovations allow us to do more with web apps, the complexity of our pages has grown, too. It becomes a balancing act to increase functionality while maintaining a performant and responsive site. Just like a great recipe, too much of any one ingredient can throw it off.
Attracting and retaining customers lies in your ability to offer an exceptional digital experience. Now that digital channels are increasingly preferred over channels of the past, the climate is increasingly competitive -- and businesses are fighting to maintain loyalty and keep users engaged online. The cost of switching is low, consumers are transient, and user expectations for how digital experiences should perform have never been higher.
So how do you beat out your competition to attract and retain more customers? Every advantage you can get matters, and it's important to start with a baseline of understanding using the right measurements and real user data.
There have been two constants in DDoS over the last 10+ years: an ever-changing threat landscape and continuous growth in attack sizes. Akamai's Prolexic platform has stood the test of time, but we are continuing to invest in ways to make our customers' experience more valuable and relevant. I'm excited about the things we are doing to stay ahead of the curve, and I want to share a few of the developments that are in motion today as we invest to make it the largest, most advanced and effective DDoS mitigation platform available anywhere. But first, a recap...
Akamai continues to build a zero trust ecosystem by integrating it's Enterprise Application Access (EAA) with Duo's Multi-Factor Authentication (MFA) solution. Duo now natively integrates into EAA and augments access with push-based MFA, phone call delivery of MFA tokens, and additional device level checking. With the joint Akamai-Duo solution, organizations can begin adopting a zero trust security model. They can reduce dependencies on the network perimeter for access and enforce strong authentication and authorization for all users and devices, thereby preventing attackers with stolen credentials or devices with a weak security posture from accessing applications.
Ryan Barnett, Principal Security Researcher, Akamai
Elad Shuster, Senior Security Researcher, Akamai
During its research into Credential Abuse attack campaigns, Akamai's threat research team conducted an analysis of web logins to gain insights into how widespread the adoption of API-based logins is and whether or not this trend also affects attackers and attack campaigns. It will come as no surprise that API-based logins are highly targeted by credential abuse attackers for a variety of reason.
In a previous blog post, we described how the DNS protocol, mainly designed for hostname to IP addresses resolution, can be abused for arbitrary data exchange. Based on throughput (i.e., bytes per hour), we distinguish between two classes of data exchange over the DNS protocol.
It is understood that there is a significant amount of complexity to securing today's enterprise, especially as more services and applications move to the cloud and a Zero Trust security model is employed. We at Akamai are actively engaged in helping enterprises adjust to a Zero Trust security model and the approach that every user, network access point, and location should be treated the same and not trusted.