Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON

AKAMAI TECHNOLOGIES, INC.

(AKAM)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Akamai Platform Update: New Security Enhancements Th ...

06/16/2021 | 06:50am EDT

Today is Day 2 of Akamai's Platform Update. Yesterday, we talked about the acceleration of modern app development and how we're empowering users to shift more compute and data to the edge. From the core to the cloud to the edge, the applications and APIs that power modern web experiences must also be protected from threats. That's the focus for today. Let's shift gears and discuss Akamai's platform improvements to application and API security, abuse and fraud prevention.

Change is the only constant in security.

Exploits change, applications change, developers change, and it seems like change is the only constant in application and API security. Some examples of change, in addition to serverless edge computing, include the modernization of app development with microservices, containerization, single-page applications, and DevOps; other examples include server-side functionality moving client-side and back-end data (never intended to be accessible via the internet) being exposed via APIs.

Change continues to redefine security boundaries and has the potential to expose reams of business logic and sensitive data. Software is also released faster than ever, sometimes daily, and the ability for security teams to protect their applications, systems, and data amidst this change has proven to be extremely difficult. And ultimately, as security tools get better, attackers get smarter and use technologies that leave fewer traces -- setting off the constant race to innovate and stay ahead.

Yes, it's true. Simplicity can equal better security.

You may have heard that security is only as good as the most recent update. Failing to update protections may perhaps be the single most widespread threat to organizations today. But effective tuning and constant monitoring often require skilled operators and can be time-consuming and complex. And let's face it -- security teams are exhausted. Security solutions must not only adapt with change but also make it easy for practitioners by reducing the burden on overworked security professionals. If not, the trade-off between chasing false positives and potentially blocking legitimate users often means security takes a back seat. At least until the next attack.

'A crucial problem in cybersecurity is the inability to automatically and effectively tune policies. Being unable to accurately distinguish between false positives and false negatives can be very frustrating for security analysts, who have to spend hours analyzing alerts that end up being false threats.' -- Patrick Sullivan, VP & Chief Technology Officer, Akamai

Akamai VP and CTO Patrick Sullivan provides an overview of the Platform Release

At Akamai, our latest platform update is intended to manage this tension between security and ease of use with key capabilities centered on automation and machine learning (ML) specifically designed to intelligently augment human decision-making. We know that automation adds value, but smart automation empowers users with the right tools to generate insight and context to make faster and more trustworthy decisions.

But what makes Akamai's ML unique?

The sheer magnitude of our platform -- with over 300 TB of daily attack data and petabytes of daily internet traffic -- doesn't just give us unique visibility. It powers our ML systems to learn how to classify anything it sees as new or different; it then shapes the learning with newly detected anomalous behavior. And unlike other solutions in the market, our ML algorithms are not based on open source data, processing frameworks, training data, data libraries, etc., but rather on clean firsthand data that contributes to higher-quality, consistent, reliable outputs.

Now, let's unpack some of the details of our platform update.

How Akamai is automating the security function.

1. Adapt to Evolving Threats with App and API Security That Is Simple to Use

With Akamai's new Adaptive Security Engine, strong security and operational simplicity are not mutually exclusive. The core technology powering both Kona Site Defender and Web Application Protector was overhauled and re-architected to drive greater insight and automation that scales with the sophistication of attacks, all while simultaneously reducing the effort needed to maintain strong protections. What does this mean for you? Less business disruption, fewer frustrated customers, and less operational complexity. Enjoy greater confidence that you're stopping real attacks while providing uninterrupted access and optimal web experiences to your customers.

Technically, the adaptive engine was redesigned from the ground up with newly enhanced anomaly risk scoring, adaptive threat profiling, and self-tuning. The reason why this technology is different from others is that it's able to learn from its experience; it learns traffic and attack pattern idiosyncrasies, analyzes the characteristics of every request in real time, and uses that knowledge to intercept and adapt to future threats.

Sophisticated threat actors, however, are persistent. They adapt their techniques and use creative means to seek new vulnerabilities in an attempt to circumvent firewalls. But as attacks evolve, so do our protections. Last year, we were the first edge-based web application and API protection (WAAP) solution to introduce API discovery. Today, our engineers are hard at work to include new bot mitigation capabilities with WAAP to filter out unwanted bot traffic from hitting your applications.

Adaptive Security Engine

Dynamic security logic adjusts its aggressiveness based on threat intelligence correlation gathered for each customer's unique traffic. Automatic self-tuning then analyzes every trigger -- whether a true positive or false positive -- and applies ML to identify and recommend tuning exceptions on a policy-by-policy basis.

Bot Visibility and Mitigation

Detect and mitigate unwanted bots with integrated bot capabilities built directly into Akamai's WAAP solutions. As needs evolve, easily upgrade to a full-featured bot mitigation or account takeover solution with just a few steps.

2. Expand Client-Side Protections with Page Integrity Manager
A coordinated and integrated WAAP defense -- against diverse entry points and complex multi-vector attacks -- must extend beyond applications and APIs and include client-side protections. As functionality continues to shift from servers to clients, threat actors are exploiting new browser attack surfaces and vulnerabilities. Page Integrity Manager has proven extremely effective in detecting and mitigating malicious client-side behaviors and identifying high-risk vulnerabilities in first- and third-party supply chain scripts.

The latest enhancement to Page Integrity Manager uses ML to detect and stop malicious behaviors that lead to ad fraud, as well as browser plugins and extensions abuse that is designed to hijack your buying audience. Our objective is to empower you with deeper insight; better control over what's happening with customers; and the tools to protect revenue, maintain trust, and comply with regulatory mandates.

Audience Hijacking

Detect and block unauthorized activity from malicious browser plugins and extensions that can result in unwanted ads, pop-ups, and affiliate fraud.

3. Anticipate and Thwart Future Bot Evolutions with Bot Manager

As attackers try to circumvent security defenses or reverse engineer bot mitigations, Bot Manageranticipates those efforts by leveraging its ML to stay one step ahead. Bot Manager customers will now benefit from two major architectural leaps designed to maintain high efficacy against rapidly evolving threats and evasive bot operator techniques.

Bot Score lays the foundation for ongoing innovations in bot management, including the ability to take action against bots aligned with corporate risk tolerance. It allows customers to simulate the impact of changes and automatically learns your unique traffic and bot patterns to ensure long-term effectiveness.

JavaScript Obfuscation solves a problem as old as bots -- that once the system detects a bot, the bot operator discovers the detection and begins reverse engineering. Bot operators who attempt to reverse engineer a detection must now successfully complete the task and execute a new attack in a very short window before it changes. And if the operator fails, all the knowledge from the prior effort becomes useless and the operator must restart. Ultimately, they will fail in their reverse engineering attempt or spend so much effort that the attack becomes unprofitable to execute.

These major enhancements grew out of Akamai's deep intelligence and insights into bot threats, traffic patterns, and technology innovations.

Bot Score

Analyze every request against all detections without adding latency. This new approach provides a scoring model that drives more sophisticated mitigation decisions and enables self-tuning so detections stay accurate over time, even as bots evolve.


Customers can set thresholds and actions to align with corporate risk tolerance and apply different thresholds/actions to different endpoints. Bot Score's response tuning simulator allows customers to visualize the impact of changing thresholds based on past traffic before putting changes into action.

JavaScript Obfuscation

New JavaScript with hardened obfuscation and built-in reverse engineering countermeasures is designed to prevent bot operators from deciphering the bot detection triggers. Given the dynamic nature of the solution, attackers would need to invest in reverse engineering the solution constantly -- making it frustrating, laborious, and expensive for bot operators. This allows Bot Manager to neutralize attackers and sustain long-term efficacy.

4. Stop Human Fraud and Account Takeover Attacks with Account Protector

Fraud and account takeover are difficult and expensive problems for companies. Bad human actors can follow up bot-led credential stuffing attacks or simply acquire individual stolen account credentials to wage highly targeted manual attacks. And if a user is a human with valid credentials, companies may accept suspicious logins to avoid the risk of upsetting legitimate account owners. Akamai's new Account Protector solution is designed to eliminate this trade-off and keep your security protections high without increasing false positives or harming your users' web experience.

Account Protector leverages ML and behavioral analytics to create a full picture of legitimate users' behavior, continuously analyze signals to determine the risk that someone logging in is an impersonator, and then take action based on the organization's preset risk thresholds. We're able to detect known and emerging signs of fraud by identifying risk at critical steps and taking action when suspicious activities are identified -- all without affecting site performance or adding friction to the user experience. With Account Protector, you can protect consumers, reduce manual review, and minimize the cost and frustration of investigating and fixing stolen accounts.

Account Protector

Evaluate risk and trust signals to determine the likelihood that a request is not coming from a legitimate account owner. Key capabilities include the ability to compare user and population behavior profiles with anomaly detection, analyze and score user sessions for risk in real time, detect sophisticated bots that support human account takeover attacks, and the ability to take action at the edge.

For more information on the Platform Update, please visit our website, watch the video, or read the community postto learn more about all of the new capabilities across the Akamai application and network security products.

Disclaimer

Akamai Technologies Inc. published this content on 16 June 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 16 June 2021 10:49:04 UTC.


ę Publicnow 2021
All news about AKAMAI TECHNOLOGIES, INC.
07/30INSIDER TRENDS : Selling By Insiders Continues at Akamai Technologies
MT
07/30AKAMAI TECHNOLOGIES : Commitment to Reliability
PU
07/29AKAMAI TECHNOLOGIES : Zero Trust Should Not Give IT a Bad Name
PU
07/29HOLIDAY READINESS : What You Should Be Thinking About ...
PU
07/28CORRECTION : Major Internet Outage Hits Amazon, Home Depot, UPS, AT&T, Dozens Mo..
MT
07/28AKAMAI TECHNOLOGIES : World-Class OTT Streaming from MwareTV with Akamai
PU
07/28AKAMAI TECHNOLOGIES : Software-Defined Networking Concept Adoption at Akam ...
PU
07/27INSIDER TRENDS : 90-Day Insider Selling Trend Prolonged at Akamai Technologies
MT
07/27INSIDER TRENDS : Akamai Technologies Insider Extends 90-Day Selling Trend
MT
07/27AKAMAI TECHNOLOGIES : All Access Is (or Should Be) Remote Access
PU
More news
Financials (USD)
Sales 2021 3 431 M - -
Net income 2021 608 M - -
Net cash 2021 971 M - -
P/E ratio 2021 32,1x
Yield 2021 -
Capitalization 19 380 M 19 380 M -
EV / Sales 2021 5,37x
EV / Sales 2022 4,80x
Nbr of Employees 8 368
Free-Float 98,1%
Chart AKAMAI TECHNOLOGIES, INC.
Duration : Period :
Akamai Technologies, Inc. Technical Analysis Chart | AKAM | US00971T1016 | MarketScreener
Technical analysis trends AKAMAI TECHNOLOGIES, INC.
Short TermMid-TermLong Term
TrendsBullishBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 15
Last Close Price 118,90 $
Average target price 125,62 $
Spread / Average Target 5,65%
EPS Revisions
Managers and Directors
Frank Thomson Leighton Chief Executive Officer & Director
Rick M. McConnell President & GM-Security Technology Division
Edward McGowan Chief Financial Officer & Executive Vice President
Daniel R. Hesse Chairman
Robert Blumofe Chief Technology Officer
Sector and Competitors