Operationalize Day-2 Services for API Security and Microsegmentation

The drivers? A persistent talent shortage, mounting regulatory pressure, and the need to stay ahead of an ever-evolving threat landscape.

For partners, this trend signals a clear opportunity: Security leaders will continue to increase spending on the kinds of security services that Akamai partners regularly offer as part of our Day-2 Partner Service Programs. 

In this blog post, I’ll give you an overview of the Day-2 packages for two of our core security solutions — Akamai API Security and Akamai Guardicore Segmentation — and you’ll see how our partners are unlocking greater revenue and long-term growth by offering value-added security services to their customers.

API security isn’t a one-and-done exercise. It demands a long-term strategy that provides for continuous updates, ongoing protections (including on-demand checks), reporting, and audits.

Our API Security Day-2 toolkit helps Akamai partners move beyond initial deployment and Professional Services engagement to managing their customer’s full API security lifecycle, boosting partner revenues, and demonstrating greater value to their customers.

Key partner deliverables for API Security include:

• Ongoing operationalization
• Ongoing monitoring and handling of findings

Ongoing operationalization maximizes customer API security value through updates, expansion, and product management. Professional Services activities in this offering include:

• Product deployment and user management to ensure proper configuration, enforce least-privilege access, and align user roles with operational responsibilities
• Integration of additional traffic sources to expand visibility, enrich API discovery, and ensure protection across all ingress points — including third-party and legacy systems
• Security posture management to identify changing API traffic patterns, newly discovered endpoints, and shadow APIs, and to mitigate any impact on security protections
• Policy and workflow updates to maintain accurate API inventory and labeling

Ongoing monitoring and handling of findings helps ensure timely detection, escalation, and response. Professional Services activities in this offering include:

• Runtime protection management to interpret security events, tune policies, and safely transition protections from Monitor mode to Block or Challenge mode in response to real-time threats such as injection attacks, credential abuse, or bot activity
  
• Alerting and incident response coordination to configure, manage, and triage alerts for API-related anomalies, correlate events with incident timelines, and integrate alerts into established response workflows
  
• Playbook development and implementation to define standard operating procedures that streamline recurring tasks such as onboarding new applications, conducting routine health checks, and handling security events consistently
  
• Shift-left and active testing enablement to implement continuous validation of API security posture in pre-production environments. Activities include scheduling and integrating tests into CI/CD pipelines, interpreting results, and feeding findings into development workflows
  
• Test coverage expansion to customize test templates, improve validation accuracy, and align testing practices with evolving API footprints and development cycles
  
• Multi-audience reporting and audit preparation to design and deliver stakeholder-specific reports — supporting development, compliance, management, and security teams with clear, actionable insights

These tools empower Akamai partners to deliver API Security as a high-impact, ongoing service, from retainer-based packages and monthly audits to real-time posture monitoring. 

Best of all, you can build your own branded service stack, customize delivery models, and align offerings to what your customers need — whether that’s 24/7 oversight, regulatory reporting, quarterly optimization reviews, or executive-ready scorecards.

Segmentation policy deployment is just the beginning. Environments change. New applications are deployed, and old ones are decommissioned. Our Akamai Guardicore Segmentation Day-2 toolkit helps partners maintain, fortify, and evolve their customers’ segmentation policies at the speed and scale demanded by enterprise business.

Key partner deliverables for Akamai Guardicore Segmentation include:

• Administration and implementation enhancements
• Security incident management
• Compliance and audits

• Deployment updates reflecting real-time organizational changes to assets, policies, users, servers, and networks in Guardicore Centra
• Secondary use-case implementation for instances beyond the statement of work of initial deployment, including:
  
  • Environment segmentation — Permitting only explicitly authorized communications between different environments; all other communications are prohibited
    
  • Application ringfencing — Allowing communications between authorized parties and among internal applications
    
  • Application microsegmentation (Zero Trust) — Authorizing only prescribed internal and external traffic among critical applications
    
  • Off-corporate endpoint segmentation — Limiting the attack surface through the implementation of custom rulesets for third-party and peer network endpoints
    
  • Privileged server access — Applying server access control policies (e.g., restriction of management ports to jump boxes, user identity-based server blocking)
    
  • Enforcement — Implementing block list rules to enforce network security best practices
    
• Implementation expansion with coverage extending to phase II assets (i.e., cloud-based networks and applications)
• Additional deployments to phase II endpoints (i.e., IoT/OT devices and VDI environments)

Akamai Guardicore Segmentation is a robust incident response tool that provides fast and comprehensive visibility of all servers, assets, and applications running in the environment. In the event of an attack on a customer’s network, our Day-2 Partner Security Engineers use Guardicore microsegmentation to stop lateral movement and isolate the infected resource quickly. Next, they ensure that the rest of the environment is safe, sanitize the compromised asset, and remove microsegmentation isolation to restore normal service without disconnecting devices from the network.

• Detection: As a Guardicore Day-2 Security Incident Management Services Partner, you can connect your customer’s Guardicore implementation to your Security Operations Center (SOC) so that your team receives detection alerts from Guardicore and any other solutions you deploy. Your SOC team then reviews the Guardicore logs (and others) and the alerts sent to your SIEM to determine whether your customer has been attacked — and, if so, determines the type of attack and its impact, including which asset(s) the hackers may have compromised.
• Isolation: Your SOC engineers deploy Guardicore's software-based microsegmentation to quickly isolate any infected environments or assets, ensuring that the rest of the network remains safe.
• Remediation: Your security engineers clean (potentially re-imaging) infected assets and remove the Guardicore microsegmentation isolation from the affected part of the network. Normal service is restored. Your team and our Akamai Hunt experts then analyze Guardicore and Akamai Hunt logs and reports to comprehensively identify and mitigate any vulnerabilities exploited during the attack.
  

API Security Basic Training (new track)
This foundational course breaks down the basics of API architecture, common vulnerabilities, and security best practices — ideal for anyone new to the topic or looking to refresh their understanding of the essentials.

API Security Sales Training for Partners (new track)
Designed for partner sellers, this course equips you to lead API security conversations with confidence and expertise. Learn how to identify customer pain points, position Akamai’s API security solutions, and align messaging to key business drivers.

API Security Sales Engineering for Partners (new track)
Designed for sales engineers and solution architects, this course bridges the gap between product capabilities and customer needs. Explore discovery techniques, learn how to map Akamai components to real-world use cases, and sharpen your ability to demonstrate value at every stage of the API lifecycle.

API Security Architect Training for Partners (new track)
This next-level course is tailored to technical users who configure and design secure API environments. You'll get practical, hands-on learning focused on posture management, policy design, deployment workflows, and more. 

GcSP Implementation Training for Partners
Get hands-on experience with real-world deployment scenarios, including segmentation policy design, labeling strategy, agent installation and tuning, and integration best practices. Perfect for partners that are responsible for initial implementation and onboarding success.

GcSP Support Training for Partners (new track)
This brand-new track for Day-2 service providers is focused exclusively on technical troubleshooting, incident response, and customer support workflows.

API Security Service Provider
Driven by the success of our Guardicore-certified Services Partner (GcSP) model, this advanced program dives deep with lab-based exercises, architecture reviews, and the full scope of Day-2 operations. It’s ideal for partners that are delivering postsale services or managing ongoing security operations.