It’s that time of year again. Here at our global headquarters in Cambridge, Massachusetts, the days are getting shorter (at least in terms of sunrise and sunset). Gone are the 90 degree days of summer; 60 is the new normal. And as we are now in the midst of the final months of the year, Starbucks is bringing back its Pumpkin Spice Latte. Just kidding…that happened in August.
Here in October, Akamai is making a splash with the aptly named October Release. There’s a lot to digest – a lot of new features, some highly anticipated functionality, and other kinds of goodness. Let’s take a quick look at what’s on tap for security (and performance, if you’re into that kind of thing).
So we are on the same page – to us, the edge isn’t new. Akamai’s been doing it for 20 years. Now that the rest of the industry is catching up today, we all get to enjoy death by marketing buzzword. All joking aside, the industry’s focus on the edge as the hot “new” place to put intelligence is actually a great thing. We’ve been saying for years that the best place to inspect traffic for malicious threats is at the edge of the network, closest to the attacker and further from you. And now that your clouds are multiplying, the concept of intelligent security at the edge becomes even more important.
Here’s something you probably didn’t know – Akamai is more than just DDoS, WAF, and bot management. We’re also a Secure Internet Gateway (SIG). It’s been fun watching Enterprise Threat Protector evolve from a recursive DNS service to a full-featured SIG. And it breaks the mold on how you might think of Akamai as a security company. It’s not just about your website and SQL injections anymore. We’re talking about protecting your users from malware and phishing attacks and other advanced targeted threats. Read more about it here.
Remember that 1.3 Tbps attack from February? We mitigated that attack with seven scrubbing centers and 3.5 Tbps of capacity. We’ve more than doubled our Prolexic footprint and capacity since then, with 9 new scrubbing centers announced in April and two more this October. And with the new scrubbing centers in Osaka and Singapore, we’re showing our friends in Asia some more DDoS fighting love. But that 1.3 Tbps attack from February? We mitigated it in zero seconds. We’re ready to really turn it on for everybody, and it’s backed by a new zero second SLA. Read about everything we’re doing with Prolexic here.
We’re turning on API protection by default in both Kona Site Defender and Web Application Protector. Kona has had API protections for a year and a half now, using a positive security model tailored to your API definitions. But now, both products get automatic inspection of XML and JSON with a negative security model, which makes it easier than ever to protect your APIs. Read more about it here. Bonus reading: if APIs are your thing, be sure to check out the latest updates to the API Gateway as well.
Who doesn’t want to do more with less? In his blog post on Kona Site Defender’s new automated firewall protections, Akamai’s Volker Tegtmeyer thinks this will help you get your weekends back, but let’s be honest – there’s always more to do. That said, being able to reduce your attack surface and protect your entire application footprint is a nice bonus. Double bonus: take a tour of this new feature on developer.akamai.com.
Who went to the RSA Conference in San Francisco this year? Anyone who did saw zero trust everywhere, because a) it’s big; and b) it gets your attention (see what I did there). Managing application access in a hostile environment (and yes, that includes your corporate network) is a core component of any zero trust approach, and Enterprise Application Access now broadens the set of applications to which we can help manage access. Can you finally get rid of your traditional VPNs? I don’t know, but I say, a) it’s good to have goals; and b) reducing complexity is always a good thing. Read more about it here.
If you’ve ever used Bot Manager‘s Bot Analysis report, then you already know that it can help you really dig into the details of your bot traffic. But sometimes, you just want everything you need to know at the push of a button, especially when “sometimes” means multiple times a day. The new Bot Endpoint Protection report shows you the bot traffic for every protected endpoint, so you can get to the impact for every endpoint faster. See what it looks like here.
If you’re an Akamai user and want to learn more about this release and what it means to you, the Akamai Developer Relations team is putting together a webinar that will cover the latest Akamai developments around DevOps, web performance, and security. Sign up for the webinar here.
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Renny Shen. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/IpbMYs5-ZDQ/whats-new-in-security.html
The European Medicines Agency (EMA) says it was hacked by persons unknown.
Leading UK Credit Card Consumer Finance Company Uses Advanced Graph Analytics to Intercept Fraudulent Credit Card Applications, Boost Anti-Fraud Efforts…
Digital+ Partners Leads Continuation Funding Round in Growing Automated Threat Analysis & Detection Provider, Closing its Series B Round at…
For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and…
It’s time to say a final “Goodbye” to Flash. (Or should that be “Good riddance”?) With earlier this week seeing…
1. Be a student of (information security, network security, cyber security). Always strive to know what the latest tactics, trends,…