Akamai Diversity

The Akamai Blog

Or Katz

Or Katz

September 17, 2020 8:00 AM

Rethinking Defensive Strategy at the Edge, Part 3: S ...

Our three-part blog series, Re-thinking Defensive Strategy at the Edge, has been focusing on outlining a new defensive edge strategy for today's enterprise. We began with a discussion of data and indicators. Most recently, our second post focused on using risk signals and correlating them for improved security controls. This last post in the series will transition the discussion from data and correlation into how to use these to enable

Or Katz

Or Katz

September 16, 2020 8:00 AM

Rethinking Defensive Strategy at the Edge, Part 2: R ...

In the first post in our blog series Rethinking Defensive Strategy at the Edge, we began to outline why a new defensive edge strategy is needed for today's enterprise. As previously mentioned, the strategy enhances those in place and introduces another layer of defense that includes the following three components: data and indicators, risk-based signals and entities, and protective actions. This post explores user entities as well as risk-based signals

Or Katz

Or Katz

September 14, 2020 8:00 AM

Rethinking Defensive Strategy at the Edge, Part 1: A ...

In recent years, new enterprise remote access architectures and frameworks have been introduced, such as Zero Trust Access (ZTA). Those concepts have driven changes in the way the network perimeter has been defined -- specifically, from the outside in, not the inside out. Access to applications and services usually start from users and devices outside of traditional on-premises network perimeters.

Ari Weil

Ari Weil

September 11, 2020 3:04 PM

Unprecedented Levels of Ransom DDoS Extortion Attack ...

The FBI has released a flash warning that thousands of organizations around the world, and across multiple industries, have been threatened with DDoS attacks unless they pay a bitcoin ransom. This ransom DDoS, or RDoS, threat was covered by Akamai's Security Intelligence Response Team (SIRT) in a Security Alert released on August 17, 2020.

Ziv Eli

Ziv Eli

September 11, 2020 12:15 PM

When Hackers Take Advantage of Your Trusted Vendors

As JavaScript-based client-side attacks continue to evolve, we see how attackers are getting more sophisticated and employing more advanced techniques. Unfortunately, it has been proven many times that any website partner can be exploited to carry out an attack. In the past month, we witnessed one of the most popular and trusted vendors being used as a credit card data exfiltration vector -- Google Analytics.

Renny Shen

Renny Shen

September 9, 2020 8:00 AM

Web Application and API Protection -- From SQL Injec ...

SQL injections were first discovered in 1998, and over 20 years later, they remain an unsolved challenge and an ongoing threat for every web application and API. The Open Web Application Security Project (OWASP) highlighted injection flaws in its Top 10 lists for both web application security risks and API security threats.

Ari Weil

Ari Weil

September 8, 2020 8:00 AM

Every Application Should Be Behind a WAF

It's no secret that security threats continue to expand in volume and variety, making headlines on virtually a daily basis. From nation-state attacks, corporate espionage, and data exfiltration campaigns to all-in-one and sneaker bot campaigns, businesses across the globe find themselves dealing with a deluge of inbound threats. The increased amount and variation of threats, and the proliferation of apps being deployed and managed by teams and individuals across the

Jim Black

Jim Black

September 2, 2020 9:00 AM

Akamai, CISA, and CIS Join Forces to Improve SLTT Cy ...

Cybercriminals continue to target U.S. state, local, tribal, and territorial (SLTT) government organizations. In 2019, there were more than 100 ransomware attacks -- including an attack on Baltimore's IT systems that locked out thousands of computers and disrupted nearly every city service. This attack is estimated to have cost the city as much as $18 million.

Tom Emmons

Tom Emmons

July 28, 2020 10:30 AM

Large, Complex DDoS Attacks on the Rise in 2020

While we've highlighted both record PPS and BPS attacks mitigated on the Akamai Prolexic Platform over the past few weeks, these attacks are part of a broader trend of increasingly large and complex DDoS activity. We have seen clear indications across the industry of high-water mark DDoS attacks being publicized by multiple vendors.