Akamai Diversity

The Akamai Blog

David Senecal

David Senecal

March 22, 2016 12:47 PM

Managing bots 101 - Part 2: Response strategies for ...

In part 1 of this series we've discussed the difficult problem of differentiating the good vs. the bad. In this article we'll review how to go about defining a response strategy to manage bots that you think are bad for your business. First thing you'll have to decide is whether you want to serve any content at all to these bots. We recommend you do to keep the bot at

David Senecal

David Senecal

March 21, 2016 9:35 AM

Managing bots 101 - Part 1: Stop playing the Whack-a ...

As you may have heard, Akamai recently introduced a new product, Bot Manager. I've been working at Akamai for close to 10 years and, in my past roles here (Technical Support Engineer, Enterprise Architect), I've had the opportunity to work closely with many customers who had issues with bots. Generally, this was about protecting the site against "bad bots" but also making sure that "good bots" were not impacted by

Benjamin Brown

Benjamin Brown

March 17, 2016 10:00 AM

Hackers vs. Media

We're used to hearing about cyber attacks against financial institutions and retailers. But another industry faces a growing threat: Media. Digital media publishers strive to provide meaningful content and a user experience that will grow a dedicated base of content consumers. This allows the publisher to partner with and provide services to marketing and advertising concerns to build cash flow that can be used to further enhance the experience for

Akamai SIRT Alerts

Akamai SIRT Alerts

March 10, 2016 9:00 AM

Scraper and Bot Series - When Good Bots Go Bad

By Bill Brenner, Akamai SIRT Senior Tech Writer Akamai this week launches the first in a series about bots and scrapers, based on continued research by Akamai's Security Intelligence Research Team (SIRT). In the first installment, we discuss the various types of bots and scrapers that we have encountered, and how you may want to react to each. This paper will mainly focus on the known "good bots", -- traffic

Akamai

Akamai

March 8, 2016 3:30 PM

Akamai and the DROWN Vulnerability (Updated)

3/8/16 UPDATE: Akamai continues to harden systems against the DROWN vulnerability (CVE-2016-0800), which exploits legacy encryption protocols in order to compromise keys that secure modern protocols, like TLSv1.2. (It does not leak the SSL/TLS keys themselves.) We have taken the necessary steps to protect both our customer-facing and critical internal systems from this vulnerability as of March 1, 2016. We will continue to identify and patch non-critical systems on an

Charlie Gero

Charlie Gero

March 8, 2016 10:49 AM

Enterprise Security - SSL/TLS Primer Part 2 - Public ...

Join me over the next few posts as I talk about how to provide fast, reliable, and secure applications in the branch while protecting end-users and promoting a transparent and open Internet. In Enterprise Security - SSL/TLS Primer Part 1 - Data Encryption I covered the fundamentals of data encryption. For part two we will cover certificates. Let's start with the basics.

March 7, 2016 9:27 AM

I Once Was Blind But Now I Can See

CDN-based WAF + Big Data Intelligence is a Gold Mine for This Security Researcher I am frequently asked by friends and colleagues why I joined Akamai's Threat Research Team. I can boil it down to three main reasons: People, Technology and Data.

Akamai

Akamai

March 3, 2016 1:58 PM

Akamai Response To "Forwarding-Loop" Issue

Akamai is aware of the research paper titled "Forwarding-Loop Attacks in Content Delivery Networks" published by Jianjun Chen et. al on Feb. 29. We have reviewed the researchers' findings, and are confident that we already have adequate counter-measures in place to thwart any attempt to use Akamai as an attack vector in the manner described by the paper. The paper describes four types of forwarding-loop attacks against CDNs: self-loop, intra-CDN

Bill Brenner

Bill Brenner

March 2, 2016 10:38 AM

Q4 2015 SOTI Security Report: Web Application Attack ...

Monday, Akamai released the Q4 2015 State of the Internet Security (SOTI Security) Report (download here). I've been writing posts throughout the week focusing on specific parts of the report. For this installment, let's take a look at Web application attacks by industry. Related: Q4 2015 SOTI Security presentations at RSA Conference 2016 Q4 2015 SOTI Security Infographic Video: SOTI Security in 60 Seconds with Akamai CSO Andy Ellis