Today is Day 2 of Akamai’s Platform Update. Yesterday, we talked about the acceleration of modern app development and how we’re empowering users to shift more compute and data to the edge. From the core to the cloud to the edge, the applications and APIs that power modern web experiences must also be protected from threats. That’s the focus for today. Let’s shift gears and discuss Akamai’s platform improvements to application and API security, abuse and fraud prevention.
Change is the only constant in security.
Exploits change, applications change, developers change, and it seems like change is the only constant in application and API security. Some examples of change, in addition to serverless edge computing, include the modernization of app development with microservices, containerization, single-page applications, and DevOps; other examples include server-side functionality moving client-side and back-end data (never intended to be accessible via the internet) being exposed via APIs.
Change continues to redefine security boundaries and has the potential to expose reams of business logic and sensitive data. Software is also released faster than ever, sometimes daily, and the ability for security teams to protect their applications, systems, and data amidst this change has proven to be extremely difficult. And ultimately, as security tools get better, attackers get smarter and use technologies that leave fewer traces — setting off the constant race to innovate and stay ahead.
Yes, it’s true. Simplicity can equal better security.
You may have heard that security is only as good as the most recent update. Failing to update protections may perhaps be the single most widespread threat to organizations today. But effective tuning and constant monitoring often require skilled operators and can be time-consuming and complex. And let’s face it — security teams are exhausted. Security solutions must not only adapt with change but also make it easy for practitioners by reducing the burden on overworked security professionals. If not, the trade-off between chasing false positives and potentially blocking legitimate users often means security takes a back seat. At least until the next attack.
“A crucial problem in cybersecurity is the inability to automatically and effectively tune policies. Being unable to accurately distinguish between false positives and false negatives can be very frustrating for security analysts, who have to spend hours analyzing alerts that end up being false threats.” — Patrick Sullivan, VP & Chief Technology Officer, Akamai
Akamai VP and CTO Patrick Sullivan provides an overview of the Platform Release
At Akamai, our latest platform update is intended to manage this tension between security and ease of use with key capabilities centered on automation and machine learning (ML) specifically designed to intelligently augment human decision-making. We know that automation adds value, but smart automation empowers users with the right tools to generate insight and context to make faster and more trustworthy decisions.
But what makes Akamai’s ML unique?
The sheer magnitude of our platform — with over 300 TB of daily attack data and petabytes of daily internet traffic — doesn’t just give us unique visibility. It powers our ML systems to learn how to classify anything it sees as new or different; it then shapes the learning with newly detected anomalous behavior. And unlike other solutions in the market, our ML algorithms are not based on open source data, processing frameworks, training data, data libraries, etc., but rather on clean firsthand data that contributes to higher-quality, consistent, reliable outputs.
Now, let’s unpack some of the details of our platform update.
How Akamai is automating the security function.
1. Adapt to Evolving Threats with App and API Security That Is Simple to Use
With Akamai’s new Adaptive Security Engine, strong security and operational simplicity are not mutually exclusive. The core technology powering both Kona Site Defender and Web Application Protector was overhauled and re-architected to drive greater insight and automation that scales with the sophistication of attacks, all while simultaneously reducing the effort needed to maintain strong protections. What does this mean for you? Less business disruption, fewer frustrated customers, and less operational complexity. Enjoy greater confidence that you’re stopping real attacks while providing uninterrupted access and optimal web experiences to your customers.
Technically, the adaptive engine was redesigned from the ground up with newly enhanced anomaly risk scoring, adaptive threat profiling, and self-tuning. The reason why this technology is different from others is that it’s able to learn from its experience; it learns traffic and attack pattern idiosyncrasies, analyzes the characteristics of every request in real time, and uses that knowledge to intercept and adapt to future threats.
Sophisticated threat actors, however, are persistent. They adapt their techniques and use creative means to seek new vulnerabilities in an attempt to circumvent firewalls. But as attacks evolve, so do our protections. Last year, we were the first edge-based web application and API protection (WAAP) solution to introduce API discovery. Today, our engineers are hard at work to include new bot mitigation capabilities with WAAP to filter out unwanted bot traffic from hitting your applications.
The latest enhancement to Page Integrity Manager uses ML to detect and stop malicious behaviors that lead to ad fraud, as well as browser plugins and extensions abuse that is designed to hijack your buying audience. Our objective is to empower you with deeper insight; better control over what’s happening with customers; and the tools to protect revenue, maintain trust, and comply with regulatory mandates.
3. Anticipate and Thwart Future Bot Evolutions with Bot Manager
As attackers try to circumvent security defenses or reverse engineer bot mitigations, Bot Manager anticipates those efforts by leveraging its ML to stay one step ahead. Bot Manager customers will now benefit from two major architectural leaps designed to maintain high efficacy against rapidly evolving threats and evasive bot operator techniques.
Bot Score lays the foundation for ongoing innovations in bot management, including the ability to take action against bots aligned with corporate risk tolerance. It allows customers to simulate the impact of changes and automatically learns your unique traffic and bot patterns to ensure long-term effectiveness.
These major enhancements grew out of Akamai’s deep intelligence and insights into bot threats, traffic patterns, and technology innovations.
Fraud and account takeover are difficult and expensive problems for companies. Bad human actors can follow up bot-led credential stuffing attacks or simply acquire individual stolen account credentials to wage highly targeted manual attacks. And if a user is a human with valid credentials, companies may accept suspicious logins to avoid the risk of upsetting legitimate account owners. Akamai’s new Account Protector solution is designed to eliminate this trade-off and keep your security protections high without increasing false positives or harming your users’ web experience.
Account Protector leverages ML and behavioral analytics to create a full picture of legitimate users’ behavior, continuously analyze signals to determine the risk that someone logging in is an impersonator, and then take action based on the organization’s preset risk thresholds. We’re able to detect known and emerging signs of fraud by identifying risk at critical steps and taking action when suspicious activities are identified — all without affecting site performance or adding friction to the user experience. With Account Protector, you can protect consumers, reduce manual review, and minimize the cost and frustration of investigating and fixing stolen accounts.
For more information on the Platform Update, please visit our website, watch the video, or read the community post to learn more about all of the new capabilities across the Akamai application and network security products.
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Charles Choe. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/WtjaGtYrKvY/akamai-platform-update-new-security-enhancements-that-intelligently-automate-application-and-api-sec.html