The Akamai BlogSubscribe
Account for Risk in your ROI for Web Application Fir ...
Earlier this week, we published a new white paper titled, "Weighing Risk Against the Total Cost of a Data Breach," on Akamai.com. Ordinarily, a white paper wouldn't be a particularly interesting subject for a blog post, but this one explores a topic that has generated a lot of questions from our customers - how do I financially justify a Web application firewall solution to my management?
Is Your Web Security in the Dark Ages?
The data center perimeter is dead - web assets cannot be protected by a fortress wall - but a historical view of web protection lives on in the way many IT departments continue to defend their infrastructures. Websites and web applications increasingly live outside the data center. Cloud-based applications and websites are at constant risk from web threats that are becoming more damaging and sophisticated by the day.
Meet Akamai InfoSec's 4th Intern
Last week I recorded a podcast interview with three of Akamai InfoSec's four summer interns. Due to a schedule conflict, the fourth intern -- Boston University Computer Science major Allan Wirth -- was interviewed separately.Wirth will be a senior this fall and hopes to embark on a career in web security. The work he did for Akamai will serve him well to that end. Under the supervision of InfoSec's
Public Compliance Docs: The List So Far (Updated)
As previously noted, Akamai InfoSec has been working to make its most sought after compliance documents publicly available. The goal is to make it easier for customers to access the answers they regularly seek, and also to show potential new customers how we operate. We're building the foundation in the form of a compliance page on the Akamai Security microsite, and hope to publish up to two fresh public docs a
Microsoft's Patch Tuesday Release for August 2014
Microsoft released its August 2014 Security Update Tuesday. The company's OneNote note-taking software, Internet Explorer browser, Server software, and .NET Framework were most affected this time.
Akamai Security Podcast: Meet the InfoSec Interns
In the latest episode of the Akamai Security Podcast, I interview three interns -- Yuan Jiang, Chae Won Lee and Tom Boning. They spent the summer working with our InfoSec team. They talk about their projects and where they hope to go from here.Listen to the full episode HERE.
Video Presentations from BSidesLV 2014
My friend Adrian Crenshaw of Irongeek.com has pulled off quite a feat -- posting all of BSidesLV's video-recorded presentations. Pretty impressive, since it's barely been a week since the event opened. Go here to watch the full roster of videos. For this post, I want to share the presentation by Akamai's own Patrice Coles, "Third-Party Service Provider Diligence: Why are we doing it all wrong?"
Security Kahuna Podcast: Las Vegas Edition
Akamai Security Storyteller Bill Brenner and Akamai Security Advocates Martin McKeay and Dave Lewis report from Las Vegas during Black Hat, BSidesLV and DEF CON. They are joined by special guests Steve Ragan and Gillis Jones.They touch on antivirus pioneer John McAfee's appearances at BSidesLV and DEF CON, security luminary Dan Geer's Black Hat keynote, and try to answer the age-old question: Why go to these events?About our guests:Steve Ragan
OpenSSL Vulnerabilities
On Wednesday, 2014-08-06, the OpenSSL Project disclosed nine low- and moderate-severity vulnerabilities, with details published here. These are vulnerabilities that can potentially impact OpenSSL clients and servers worldwide. We currently believe our services are not impacted by CVE-2014-3508, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, and CVE-2014-3512. We are in the process of rolling out a fix to address vulnerabilities CVE-2014-3511 and CVE-2014-5139 for each of our relevant services. Akamai is investigating