The Akamai BlogSubscribe
A Two Week Overview of the Latest Massive Scale RFI ...
In the past several weeks, Akamai was in a unique position to witness a massively orchestrated attack, designed to map Internet facing web servers that are susceptible to certain specific vulnerabilities.
ISO 30111 Vulnerability Handling Processes Published
One of the big news items from ShmooCon 2014 was that the ISO 30111 Vulnerability Handling Processes is now published. The document, edited by Microsoft Senior Security Strategist Lead Katie Moussouris, has been a long time coming. Specifically, it outlines how vendors should investigate, triage, and resolve all potential vulnerabilities, whether reported from external finders or via the vendor's internal testing.
#ShmooCon, Day 2: For the Love of LobbyCon
I've said it about other conferences: The most important activity -- even more so than attending talks -- is the networking that goes on in the lobby, something that's become popularly known as LobbyCon. It's especially true for those attending ShmooCon here in the nation's capital.
#ShmooCon, Day 2: Instant Messaging Insecurity
At Akamai, one of our security policies goes something like this: If you want to do instant messaging for personal matters, use whatever you want. If you want to discuss company business on IM, however, you have to use a specialized instant messaging program we've set up specifically for communication between colleagues.
#ShmooCon, Day 2: Security Tools You Can Use
As the second day of ShmooCon 2014 dawns over Washington DC, I'm reflecting on the talks that kicked off the weekend yesterday. Particularly useful was a presentation by security practitioner Rob Fuller called "Attacker Ghost Stories: Mostly Free Defenses That Give Attackers Nightmares."
#ShmooCon, Day 1: Schwag for the Security Messaging ...
After getting my badge for this weekend's ShmooCon conference in Washington DC, I excitedly emptied the contents of my bag on the table. Schwag. Lots of it. There was a wooden airplane kit. A harmonica. Stickers aplenty. All branded with the names of various security vendors and organizations.
Your January 2014 Patch Tuesday Update
Patch Tuesday is an important calendar item for Akamai customers, given how dominant Windows machines are in many companies. What follows is Microsoft's January 2014 Security Update.
A New Resource for Training Kids in Internet Safety
I got a message this morning from an Akamai colleague who read yesterday's blog post on the HacKids security conference for children. He wanted me to know that he is doing something similar. Stefano Buttiglione, one of our senior solutions architects, says a school in his home town in Italy asked him to do a training course on the risks of social media to kids and their parents. It started as
HacKid Conference: Security Training for Kids
As I've written before, we in Akamai InfoSec take our security training very seriously. We also know that our success as a security operation depends on the skills and talents of the future. So when I see great examples of training for younger generations, I'm compelled to mention it here. For this post, the subject is the HacKid Conference scheduled for April 19 and 20 at the San Jose Tech Museum of