SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Akamai launches next-gen web application and API protection solution
Wed, 10th Nov 2021
FYI, this story is more than a year old

Akamai Technologies has announced the launch of App - API Protector, a next-generation web application and API protection (WAAP) solution.

It's designed to provide a set of protections built for modern applications and APIs, championing intelligent automation and simplicity.

With App - API Protector, Akamai customers have a single, integrated WAAP solution for stronger security outcomes.

According to the company, key benefits include the following.

Automatic API discovery and security: Users can mitigate API-related risks and vulnerabilities with continuous discovery of known, unknown, and evolving APIs.

API requests are automatically discovered and inspected for malicious code; and optional API security controls can be enforced at the edge to activate positive API security models.

Adaptive and more accurate detections: The ability to detect up to two times more attacks compared to traditional rulesets.

In addition, the solution offers adaptive, threat-based detection with a multidimensional threat scoring model that combines Akamai's platform intelligence with data/metadata from each web and API request.

This data is actioned with decision-making logic that accurately identifies and stops stealthy attacks with precision, the company states.

Continuous self-tuning: Akamai's Adaptive Security Engine keeps pace with evolving threats and reduces false positives by up to five times to alleviate the effort required to maintain and tune policies, Akamai states.

Security triggers, whether true attacks or those misidentified as attacks, are automatically and continuously analysed with machine learning to deliver highly accurate policy-by-policy tuning recommendations with a 1-click implementation.

Built-in bot mitigation: Users can automatically detect and mitigate unwanted bots with built-in bot visibility and mitigation capabilities.

Akamai's bot technology features a directory of 1,500+ known bots and provides customers with the ability to create and define bots to proactively monitor analytics and prevent attacks.

For more persistent, adversarial bot operators, Akamai offers its Bot Manager solution to mitigate that threat.

Automatic updates: The new solution enables a hands off approach to WAAP with adaptive protections fully managed by Akamai.

The company's security researchers use machine learning and data mining techniques to continuously analyse more than 303TB of daily attack data and automatically update protections against the latest threats.

Customers can also opt for manual/evaluation mode of operation to minimise any unexpected impact of new updates.

DevOps integration: Users can integrate WAAP capabilities using the Akamai CLI, Terraform, or scripts in the CI/CD automation pipeline.

Rapid onboarding of applications ensures uniform security policy management across large application and API portfolios, and centralises security enforcement across hybrid and multi-cloud infrastructures, the company states.

Akamai vice president of product management Amol Mathur says, “As the online threat landscape continues to evolve, the need for a holistic, adaptive approach to web application and API security is clear.

"With the introduction of our new App - API Protector, Akamai customers now have a single, holistic solution that makes sophisticated protection extremely simple.

"This builds on Akamai's proven security technologies, introducing new levels of sophisticated, automated intelligence to keep our customers a step ahead of the cyber criminals.