March 2020 — Akamai Edge Security: Leader in Five Forrester Wave Reports

Forrester has named Akamai a Leader in five different Wave and New Wave reports. This significant achievement reflects the strength of Akamai’s intelligent edge platform for securing and delivering digital experiences across our entire security portfolio.

Forrester Wave Leaders are the top vendors in the space, with the strongest current offering today and the strongest strategy for tomorrow. We’re pleased to be a consistent presence in the Leader portion of these important competitive vendor evaluations. They present a compelling picture of Akamai as a strategic security partner across WAF, Bot Management, Zero Trust, DDoS Mitigation, and Customer Identity & Access Management.

Akamai is a Leader in these Forrester Waves:

The Akamai intelligent edge platform surrounds everything, from the enterprise to the cloud. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps and experiences closer to users than anyone – and attacks and threats far away.

Here’s why we’re a Leader in these Forrester Waves: We’re delivering on customer demands for scalable, pervasive security that progresses digital transformation and elevates customer experience. Let’s go through each Leader position in all five Waves to understand how Akamai is securing apps and APIs, ensuring compliance and privacy, and protecting organizations and their customers from credential abuse.

Web Application Firewall Leadership

Forrester writes that “In a sea of middling WAF customer references, Akamai stood out among the vendors for its across-the-board positive reviews, with particularly high marks for attack detection, attack response, and internal threat intelligence.”

We’re continuously innovating to offer the next-gen WAF capabilities our customers need to deliver the digital experiences that increasingly make or break business models. Automated Attack Groups (AAG), for instance, already automates and streamlines protection; look for AAG enhanced exceptions to add flexibility and further tune for false positives or apply to specific hostnames. We’re making WAF protection more visible and therefore more actionable with real-time Web Security Analytics alerts, too, so a broader swathe of the organization has a stake in making security work for the business.

Forrester also noted that “Customers also appreciated the ability to easily add other Akamai performance and security products.” That’s what we’ve heard too, so now our Web Application Protector (WAP) customers can upgrade with one click to the next level of Akamai WAF security while maintaining existing protection. Plus, our Bot Manager solution can be added to existing WAP configurations for comprehensive protection against DDoS, web, and bot attacks.


Bot Management Leadership

Forrester classified Akamai as a Leader in the bot management market for the second report in a row and with the strongest current offering. Bots are fast moving and and so is Akamai: Forrester says that Akamai “leads the pack with robust attack response and reporting capabilities…[with] a wide range of predefined and configurable attack responses, including tarpit, honeypots, and custom deny…Bot Intelligence Console provides information on individual bots and benchmarks bots according to industry and against the entire Akamai customer base. Akamai maintains a directory of about 1,500 legitimate bots and business services.”


There’s more to come because the bots aren’t stopping.

We’re adding a new Proof of Work detection technique that requires clients to solve a cryptographic challenge in order to access the site. A new crypto challenge action is tough on bots, gentle on UX.  Bot Manager is also introducing cross-domain compatibility to support customer environments comprising multiple domains by protecting endpoints where login and other requests can originate from other domains. We’re offering advanced and conditional actions on transactional endpoints protected by behavioral anomaly analysis bot detections, too, in addition to helping customers maintain a consistent bot posture by simplifying auditing of bot detections and configured actions applied to protected endpoints across multiple security configurations. Plus, integration with mPulse allows customers to segment web traffic by human vs. bot and monitor the impact of bots on real user and business metrics.

We aren’t stopping because the bots aren’t stopping….

Zero Trust Leadership

Forrester sees a future where Zero Trust moves organizations beyond the failed perimeter-centric approach to a security model much better suited for today’s digital business. Also: Forrester notes that vendors who don’t align themselves to the Zero Trust framework, deliver real Zero Trust capabilities, and actively participate in the community will continue to slip.

Akamai vaulted from Strong Performer to Leader in just one year, receiving the highest scores possible for workload security, people/workforce security, Zero Trust vision and strategy, Zero Trust advocacy, and market approach.


We’re committed to helping our customers travel along a Zero Trust journey that supports their unique business model. That’s why we continue to develop solutions with capabilities that can be tailored to current environments while supporting the ultimate destination by securing users and applications wherever they are. 

We’ve already helped enterprises start their Zero Trust transformation with our Enterprise Application Access (EAA) and Enterprise Threat Detector (ETP) solutions. EAA provides simple, unified, and secure enterprise application access, eliminating VPNs and more with adaptive application access through an Identity-Aware Proxy at the edge.ETP protects distributed global by using an enterprise’s DNS traffic to add an additional layer of proactive security – a security control point activated within minutes with a simple DNS configuration change. Akamai analyzes 2 trillion DNS requests daily, which makes for unmatched insight into malware detection. Now, we’re acting on customer interest in the security and visibility made possible by sending all web traffic to a proxy, a secure web gateway approach that builds on our cloud proxy capabilities that protect our customers from even the most complex zero-day threats.

Akamai’s cloud-based SWG blocks a huge amount of malicious traffic before an IP connection is made and to provide additional protections, payloads are sent to a cloud sandbox for dynamic analysis AND it performs while scaling infinitely, thanks to the Akamai Intelligent Edge. Web security in the cloud is possible with real-time threat intelligence and multiple malware detection engines plus easier management and reduced complexity.

More on DNS: see how Akamai Edge DNS is part of a continuous, consistent Zero Trust security posture.

More on making security posture management better in the next Wave review below.

DDoS Mitigation Leadership 

Akamai has mitigated some of the largest attacks – including a 1.3 Tbps attack against Github in February 2018, mitigated in 0 seconds, with the largest and most resilient cloud-based DDoS protection platform in the market today with over 150 Tbps of attack capacity.

Forrester notes that Akamai’s “reference customers remarked on the company’s responsiveness, expertise, and ability to immediately stop attacks”, reflecting the quality of the Akamai SOCC.

Forrester states that scrubbing capacity is a differentiator and that “cloud-based services need scrubbing capacity close to the origin [of the attack] in order to stop attacks before they affect the network.” That’s why we offer over more than 150 Tbps capacity across our CDN (Kona), DDoS scrubbing (Prolexic), and authoritative DNS (Edge DNS) platforms. In addition, the Akamai Intelligent Edge Platform has greater distribution than any other DDoS protection solution, with the most pervasive, highly distributed content delivery network worldwide with approximately 275,000 servers in 136 countries and nearly 1,500 networks around the world.

What’s new in DDoS? Our customers tell us plenty; as a result, Prolexic Routed will now have virtual tunnels to establish GRE tunnels from every Akamai scrubbing center to the customer origin to improve network resiliency and provide greater flexibility to respond to attacks, AWS support to protect customer origins located on Amazon Virtual Private Cloud (VPC), Equinix origin support of direct connectivity to applications co-located with Equinix, in additional to virtual leased lines (VLL) to customer data centers. 


Customer Identity and Access Management Leadership

Forrester identified Akamai’s Identity Cloud as leading the pack; vendors that can provide robust customer analytics and data management on a global scale support customer-centric digital transformation initiatives. Forrester assesses the need for CIAM this way: “Today’s digital businesses need deep customer insights to successfully deliver new products and services that can increase customers’ engagement and brand loyalty while maintaining their security and privacy.”



Identity and privacy are at the core of digital business and the customer experience: Akamai detected nearly 28 billion credential stuffing attempts in our customer’s industries between May and December 2018; there were more than 10 billion in the retail industry, the leading industry. See the Akamai Global State of the Internet Report for more details. Akamai today securely manages over 1.5 billion customer identities for the world’s largest brands.

The Akamai Intelligent Edge is where digital services are brought closer to end user consumers and businesses; Eighty-five percent of the world’s Internet users are within a single “network hop” of an Akamai CDN server. The Akamai Edge is also where digital services and experiences are protected by a security portfolio spanning WAF, Bot Management, Zero Trust, DDoS and Identity solutions. Stay tuned for continued protection innovation from Akamai. We separate good traffic from attacks 178 billion times a day. We met 50 billion bad bots last year. And we never forget a face. We’re seeing API hits on the Akamai network now comprising 83% of traffic, more than HTML hits. What this means for a comprehensive security posture is that protection can and must evolve to meet and beat all threats to users and applications.

*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Amanda McCarthy. Read the original post at: