Akamai Diversity

The Akamai Blog

Renny Shen

Renny Shen

September 9, 2020 8:00 AM

Web Application and API Protection -- From SQL Injec ...

SQL injections were first discovered in 1998, and over 20 years later, they remain an unsolved challenge and an ongoing threat for every web application and API. The Open Web Application Security Project (OWASP) highlighted injection flaws in its Top 10 lists for both web application security risks and API security threats.

Ari Weil

Ari Weil

September 8, 2020 8:00 AM

Every Application Should Be Behind a WAF

It's no secret that security threats continue to expand in volume and variety, making headlines on virtually a daily basis. From nation-state attacks, corporate espionage, and data exfiltration campaigns to all-in-one and sneaker bot campaigns, businesses across the globe find themselves dealing with a deluge of inbound threats. The increased amount and variation of threats, and the proliferation of apps being deployed and managed by teams and individuals across the

Jim Black

Jim Black

September 2, 2020 9:00 AM

Akamai, CISA, and CIS Join Forces to Improve SLTT Cy ...

Cybercriminals continue to target U.S. state, local, tribal, and territorial (SLTT) government organizations. In 2019, there were more than 100 ransomware attacks -- including an attack on Baltimore's IT systems that locked out thousands of computers and disrupted nearly every city service. This attack is estimated to have cost the city as much as $18 million.

Tom Emmons

Tom Emmons

July 28, 2020 10:30 AM

Large, Complex DDoS Attacks on the Rise in 2020

While we've highlighted both record PPS and BPS attacks mitigated on the Akamai Prolexic Platform over the past few weeks, these attacks are part of a broader trend of increasingly large and complex DDoS activity. We have seen clear indications across the industry of high-water mark DDoS attacks being publicized by multiple vendors.

Eric Graham

Eric Graham

July 13, 2020 10:00 AM

Introducing Page Integrity Manager

On May 26, Akamai launched our Page Integrity Manager, extending our solutions for securing and delivering digital experiences. During beta, we monitored more than one trillion real-user interactions to understand script composition and behavior. Above all, one thing stood out: Scripts loaded in real users' browsers constitute a huge and continuously evolving attack surface, posing significant challenges to static approaches to these threats.

Jim Black

Jim Black

July 9, 2020 12:30 PM

The Children's Internet Protection Act (CIPA)

What Is CIPA? Enacted in 2000 by the United States Congress, the Children's Internet Protection Act (CIPA) limits children's exposure to explicit internet material such as obscene content. CIPA mandates that K-12 schools and public libraries must deploy technologies that filter this type of content on internet-connected computers in order to be eligible for federal funding such as E-Rate.

Tom Emmons

Tom Emmons

June 25, 2020 6:00 AM

Largest Ever Recorded Packet Per Second-Based DDoS A ...

On June 21, 2020, Akamai mitigated the largest packet per second (PPS) distributed denial-of-service (DDoS) attack ever recorded on the Akamai platform. The attack generated 809 million packets per second (Mpps), targeting a large European bank.

Lorenz Jakober

Lorenz Jakober

June 22, 2020 3:10 PM

Akamai Mitigates Sophisticated 1.44 Tbps and 385 Mpp ...

It always surprises me how easily a community can adapt to a new situation or reality. What was once considered an outlier or even an unimaginable situation can quickly become our new normal.

Gerhard Giese

Gerhard Giese

June 10, 2020 2:34 PM

Mitigating Credential Stuffing Attacks in the Financ ...

(If You Think Multi-Factor Authentication Prevents Credential Stuffing, Think Again!) Financial services firms around the world are experiencing credential stuffing attacks at an alarming rate. Cybercriminals are using readily available automation tools, botnets, and compromised account credentials to mount increasingly sophisticated and stealthy attacks. Many businesses are using multi-factor authentication (MFA) to strengthen access security and combat credential theft. While useful and necessary, MFA does not necessarily prevent credential stuffing.