Akamai Diversity

The Akamai Blog

Bill Brenner

Bill Brenner

January 13, 2014 5:02 AM

HacKid Conference: Security Training for Kids

As I've written before, we in Akamai InfoSec take our security training very seriously. We also know that our success as a security operation depends on the skills and talents of the future. So when I see great examples of training for younger generations, I'm compelled to mention it here. For this post, the subject is the HacKid Conference scheduled for April 19 and 20 at the San Jose Tech Museum of

Bill Brenner

Bill Brenner

January 9, 2014 8:27 AM

Like Skipfish, Vega is Used to Target Financial Site ...

Yesterday, we told you about how attackers were exploiting the Skipfish Web application vulnerability scanner to target financial sites. Since then, Akamai's CSIRT team has discovered that another scanner, Vega, is being exploited in the same manner. Skipfish and Vega are automated web application vulnerability scanners available by free download. Skipfish is available at Google's code website and Vega is available from Subgraph. These are scanners intended for security professionals to evaluate

Akamai

Akamai

January 8, 2014 2:58 PM

WordPress Plugins Exploitation Through the Big Data ...

Overview According to Wikipedia, WordPress is a free and open source blogging tool and a content management system (CMS) based on PHP and MySQL, which runs on a web hosting service. Features include a plug-in architecture and a template system. WordPress is used by more than 18.9% of the top 10 million websites as of August 2013. WordPress is the most popular blogging system in use on the Web, at

Bill Brenner

Bill Brenner

January 8, 2014 5:56 AM

Attackers Use Skipfish to Target Financial Sites

Akamai's CSIRT team has discovered a series of attacks against the financial services industry. In this instance, the bad guys are exploiting the Skipfish Web application vulnerability scanner to probe company defenses. Skipfish is available for free download at Google's code website. Security practitioners use it to scan their own sites for vulnerabilities. The tool was built and is maintained by independent developers and not Google, though Google's information security

Bill Brenner

Bill Brenner

January 7, 2014 7:37 AM

Why I'm Attending ShmooCon 2014

Here at Akamai, we're busy preparing for RSA Conference 2014. It's the biggest security conference of the year, and we send a platoon of employees every time. Given our role in securing the Internet, it's a no-brainer.But there are many other conferences we attend each year, because:We have a lot of information to share about attacks against Akamai customers and how the security team continues to successfully defend against them.We

Or Katz

Or Katz

January 6, 2014 11:30 AM

Analyzing a Malicious Botnet Attack Campaign Through ...

Two of the most prominent evolutions in the web application attacks landscape are scale and volume. Nowadays, attackers use tremendous amounts of computing resources such as those provided by cloud computing and botnets, in order to mount distributed large-scale attack campaigns over the Internet while keeping their identity hidden. From a security defense point of view, such attacks are a nightmare - they are much harder to detect and

Bill Brenner

Bill Brenner

January 6, 2014 7:07 AM

Security Predictions? Here Are Some Facts About 2014

I've said it before and will repeat it here: I absolutely loathe security predictions. I have nothing against those who make them. It's just that most predictions are always so much duh. The rest are marketing creations that have no attachment to reality. Examples of the self evident:Mobile malware is gonna be a big deal.Social networking will continue to be riddled with security holes and phishing attacks.Microsoft will release a lot

Akamai

Akamai

December 19, 2013 5:11 AM

Akamai Security Podcast: All The Episodes, Expanded

A round-up of the first nine episodes of the Akamai Security Podcast:Episode 1: CEO Tom Leighton discusses the legacy of Co-Founder Danny Lewin, Akamai's role on 9-11-01, and his vision of Akamai as a major player in the security industry.Episode 2:  I talk to Meg Grady-Troia about her role in Akamai InfoSec, particularly the security training she does for new hires. Episode 3: I talk to Larry Cashdollar, a senior security response engineer on our CSIRT team. Larry

Bill Brenner

Bill Brenner

December 18, 2013 5:19 AM

Akamai Security Compliance: The Story So Far

Continuing our weekly series of security anthologies, we focus today on Akamai compliance procedures. We're currently in the midst of an ongoing series on how Akamai approaches it, but the following content presents the story thus far. Four Things to Ask Before Seeking FedRAMP Certification For a look at how we reached FedRAMP certification, I spoke with Akamai InfoSec's Kathryn Kun, the program manager who played a critical role in