Akamai Diversity

The Akamai Blog

Or Katz

Or Katz

January 26, 2017 10:11 AM

Improving Credential Abuse Threat Mitigation

Have you ever tried to login to your favorite website and mistakenly typed the wrong user name and password once, or even twice? I bet you have. And what about submitting a third consecutive false attempt? In most cases, at that point a secure website will start questioning the integrity of your actions. From a defense point of view, websites should suspend and limit false login attempts to confirm authenticity

Lorenz Jakober

Lorenz Jakober

January 24, 2017 10:03 AM

Third-party and remote enterprise application access ...

As we know, enterprises have come a long way from the days when a few remote users needed access to a handful of applications. Now, applications can live in data centers, in AWS, in Azure - in reality, anywhere on the Internet. So who really needs to access these enterprise apps?

Larry Cashdollar

Larry Cashdollar

January 6, 2017 6:00 AM

JAR: What You Need To Know

On December 29th, the United States Computer Emergency Readiness Team (US-CERT), in coordination with the FBI, released a document outlining recent attacks against US interests that have been attributed to the Russian government. To be clear, Akamai does not comment on the attribution of attacks. Rather we would like to inform our customers of what a reasonable, informed course of action should be regarding this new information.

Or Katz

Or Katz

January 5, 2017 9:55 AM

The Year of Attacking "Things"

Yearly Review 2016 was an exciting year; a year in which hazards related to the Intent of Things (IoT) became trendy small talk in many living rooms around the world. For us, the members of the InfoSec community, it was the year when the security risks of IoT devices evolved from being theoretical to becoming a practical problem to us all. It was the year in which we all realized

Rich Bolstridge

Rich Bolstridge

December 12, 2016 10:51 AM

Dyn DDoS Attack: Lessons Learned for the Financial S ...

In the first of this two-part blog, I reported the impact that the Dyn DDoS attack had on the financial services industry. Banks, insurers, credit cards, and others had two waves of impacts on Oct. 21, with many websites clocking in with 60 second page response times, and others with outright failures, not able to service their customers. In Part 2, we'll dig into some details to better understand the

Martin McKeay

Martin McKeay

November 16, 2016 2:33 PM

Prepare for the Worst, Hope for the Best

Leading up to the U.S Presidential Election last week, the oracles of the security world were warning of all the possible types of attacks we might see during the day of decision making. We were preparing for attacks against voting machines, disinformation spread through social media platforms, more email leaks, and above all Distributed Denial of Service (DDoS) attacks against everyone from the White House to news sites around the

Dave Lewis

Dave Lewis

November 8, 2016 12:16 PM

The SOTI Q3 and Hordes of Savage Barbarian IoT

Each quarter the Akamai team delves into the volumes of data that we have at our disposal. Every time we do so we find something new and exciting, and this last quarter was by no means an exception. You might have heard of a little botnet called Mirai that set the Internet on its ear during the month of October.

Or Katz

Or Katz

November 3, 2016 10:51 AM

Yes, My Name is ||

Boolean Operator Different cultures and nationalities have different naming conventions; I came from a one that led me to face the universe with a personal name "Or". I fact, my name has different meanings in different languages. In English the meaning of "Or" is function word that indicate alternatives and in computer coding languages the name "Or" is being used as Boolean operator that enable us to write conditions in

Erik Nygren

Erik Nygren

November 2, 2016 9:28 AM

Planning for the end of 2016: a leap second and the ...

New Year's Eve is typically in the depth of end-of-year change freezes for most IT organizations. At the end of 2016, however, two major events will be occurring right at the end of the year: a leap second and the final end of browser support for SHA-1 TLS certificates. Both of these changes have the potential to break software systems and applications. Significant preparation, planning, and testing ahead-of-time can significantly