The Akamai Blog Subscribe
Managing bots 101 - Part 1: Stop playing the Whack-a ...
As you may have heard, Akamai recently introduced a new product, Bot Manager. I've been working at Akamai for close to 10 years and, in my past roles here (Technical Support Engineer, Enterprise Architect), I've had the opportunity to work closely with many customers who had issues with bots. Generally, this was about protecting the site against "bad bots" but also making sure that "good bots" were not impacted by
Hackers vs. Media
We're used to hearing about cyber attacks against financial institutions and retailers. But another industry faces a growing threat: Media. Digital media publishers strive to provide meaningful content and a user experience that will grow a dedicated base of content consumers. This allows the publisher to partner with and provide services to marketing and advertising concerns to build cash flow that can be used to further enhance the experience for
Scraper and Bot Series - When Good Bots Go Bad
By Bill Brenner, Akamai SIRT Senior Tech Writer Akamai this week launches the first in a series about bots and scrapers, based on continued research by Akamai's Security Intelligence Research Team (SIRT). In the first installment, we discuss the various types of bots and scrapers that we have encountered, and how you may want to react to each. This paper will mainly focus on the known "good bots", -- traffic
Akamai and the DROWN Vulnerability (Updated)
3/8/16 UPDATE: Akamai continues to harden systems against the DROWN vulnerability (CVE-2016-0800), which exploits legacy encryption protocols in order to compromise keys that secure modern protocols, like TLSv1.2. (It does not leak the SSL/TLS keys themselves.) We have taken the necessary steps to protect both our customer-facing and critical internal systems from this vulnerability as of March 1, 2016. We will continue to identify and patch non-critical systems on an
Enterprise Security - SSL/TLS Primer Part 2 - Public ...
Join me over the next few posts as I talk about how to provide fast, reliable, and secure applications in the branch while protecting end-users and promoting a transparent and open Internet. In Enterprise Security - SSL/TLS Primer Part 1 - Data Encryption I covered the fundamentals of data encryption. For part two we will cover certificates. Let's start with the basics.
I Once Was Blind But Now I Can See
CDN-based WAF + Big Data Intelligence is a Gold Mine for This Security Researcher I am frequently asked by friends and colleagues why I joined Akamai's Threat Research Team. I can boil it down to three main reasons: People, Technology and Data.
Akamai Response To "Forwarding-Loop" Issue
Akamai is aware of the research paper titled "Forwarding-Loop Attacks in Content Delivery Networks" published by Jianjun Chen et. al on Feb. 29. We have reviewed the researchers' findings, and are confident that we already have adequate counter-measures in place to thwart any attempt to use Akamai as an attack vector in the manner described by the paper. The paper describes four types of forwarding-loop attacks against CDNs: self-loop, intra-CDN
Q4 2015 SOTI Security Report: Web Application Attack ...
Monday, Akamai released the Q4 2015 State of the Internet Security (SOTI Security) Report (download here). I've been writing posts throughout the week focusing on specific parts of the report. For this installment, let's take a look at Web application attacks by industry. Related: Q4 2015 SOTI Security presentations at RSA Conference 2016 Q4 2015 SOTI Security Infographic Video: SOTI Security in 60 Seconds with Akamai CSO Andy Ellis
Enterprise Security - SSL/TLS Primer Part 1 - Data E ...
Join me over the next few posts as I talk about how to provide fast, reliable, and secure applications in the branch while protecting end-users and promoting a transparent and open Internet. Let's start with the basics. So what is SSL/TLS & how does it work?