Protecting the Digital Experience
Yesterday, Renny Shen wrote about powering the digital experience, and he noted that most people have a basic agreement on the concept, but in reality they tend to have different definitions and expectations of “digital experience.” Protecting the digital experience, though, tends to offer a pretty consistent view — keeping customers, assets, apps, and data safe, and building trust that all parties are who they say they are.
With the acceleration of life online — working, shopping, connecting — cyberthreats and cyberattacks unfortunately also accelerated:
- From October 2020 to October 2021, Akamai observed 6,287,291,470 web attacks globally
- From December 2017 through November 2019, we saw 16,557,875,875 login attempts against hostnames that were clearly identified as API endpoints
Thwarting attacks without hindering agility
It’s difficult to create safety and trust online when threats are constantly accelerating and evolving. Yet organizations can only grow revenue and thrive in digital environments if they protect consumers without creating frustrations in their online experiences.
And as organizations strive for innovation, there’s more pressure on developers to ensure that they’re building new app functionality and adding API connections without creating vulnerabilities. That’s a lot to ask, but it’s not really even an ask. It’s a requirement.
Akamai’s customers use our suite of security solutions to allow trusted users to interact seamlessly online because Akamai is innovating protections to anticipate and thwart even the most relentless and dangerous attackers without hindering agility.
Protecting the experience everywhere customers and organizations interact
There isn’t just an expansion in the numbers of interactions online; there’s an expansion of interaction types and form factors. No longer limited to just websites, organizations need to protect customers from in-browser threats, on mobile apps, during API interactions, and, of course, at the edge.
Today’s announcements include new products and capabilities to help Akamai’s customers thrive online while keeping protections high.
Audience Hijacking Protector launch
Grow revenue by protecting customers from being hijacked out of their online journey. Our solution protects against unwanted redirection of customers to competing and malicious websites, reducing affiliate fraud, and mitigating privacy risks.
In the age of pop-ups, we’re helping our customers keep consumers on their site to enable successful engagement, leading to better conversion of visits to sales and higher trust with consumers (see Figure 1).
Page Integrity Manager enhancements
Help secure additional in-browser threat protection against data exfiltration and other script-based attacks. Threat intelligence integration detects threats based on customer first- and third-party scripts and network calls against Akamai Enterprise Threat Protector intelligence to expose client-side threats.
The second enhancement, customized protections and actions, provides a new alerting and policy layer that allows customers to build custom detections, and set alerting and policies based on script behaviors.
API Data Loss Prevention
Secure personally identifiable information (PII) and other sensitive data. As part of the platform update, we’re announcing API Data Loss Prevention capabilities, helping customers discover where PII may be getting leaked or used by APIs.
With the number of API-based interactions increasing dramatically, this gives our customers a powerful way to regain visibility and control of PII to keep their customers and users safe, avoiding consequences of PII breaches like regulatory fines and loss of customer trust.
App & API Protector Custom Rule Builder
Give organizations more nuance in dealing with evolving threats. Custom Rule Builder includes sampling intervals, additional match conditions, and enhanced user messaging. Akamai customers will be able to get more fine-grained in their rules to improve their protections even as threats and attacks are evolving.
Strong adoption of our Adaptive Security Engine
Customers see the value from our relentless focus on detection improvements. One-third of our app and API security customers now use Adaptive Security Engine. Even as attackers become more sophisticated, customers are seeing 2x improvements in detections and significant reductions in false positives.
Managed alerting for Bot Manager
Gain proactive insights into traffic anomalies and faster response to zero-day attacks. As bot attacks continue to grow in sophistication, we’ve enhanced our Managed Security Service alerting to ensure more proactive and actionable alerts.
Our Managed Security Service offering with enhanced alerting provides the ability to not just respond to events in real time but also to use those insights to continuously improve bot detection accuracy over time.
Adapting protections, enabling innovations
Wherever and whenever there are interactions online, we’re adapting protections to keep trust high and friction low. This will allow organizations to be innovative about the ways they interact with consumers and grow online revenue, creating new opportunities and experiences.
And we’re not stopping with protecting customers. Tomorrow, Dan Petrillo will discuss balancing security with productivity, with Zero Trust. Stay tuned.