Cyberattacks are growing smarter and more relentless. In today’s environment, threat actors leverage AI to scale attacks across multiple vectors, automate reconnaissance, and iterate on exploit techniques at machine speed.
At Akamai, we’ve always met that evolution head-on.
Akamai Adaptive Security Engine is at the core of Akamai App & API Protector and delivers automated, accurate, and regularly updated protections powered by machine learning, global intelligence, and expert threat research — forming one of the industry’s most advanced web application and API protection (WAAP) defenses.
Today, we’re building on that foundation to prepare for the fast-changing tomorrow.
Advancing the Adaptive Security Engine for the AI era
We are introducing AI-powered web application firewall (WAF) detections, an enhancement to Adaptive Security Engine, that expands its ability to rapidly detect new web attacks from the network traffic and release protections from the ongoing web attacks faster.
With Akamai, you gain security that continuously evolves with today’s threat landscape, without adding operational complexity. Protections are automatically updated and fine-tuned, so your teams stay ahead of emerging threats while reducing manual effort and false positives.
You benefit from deeper, more precise detection that identifies sophisticated and evasive attacks across application and API traffic — including zero-days and advanced exploit techniques — before they disrupt your business.
App & API Protector has always delivered a distinct intelligence advantage that strengthens your security posture, improves accuracy, and helps you innovate with confidence. And it will continue to provide that advantage in today’s evolving threat landscape.
Adaptive Security Engine outsmarts evasive attacks
Figure 1 is a screenshot of a request from Akamai. The User-Agent string has "PentestAgent" highlighted in yellow, indicating that this is an attack by an AI-driven pen test tool. Adaptive Security Engine identified previous Structured Query Language injection (SQLi) attacks from this client.
Fig. 1: AI-driven request detected on the Akamai platform
The request used SQL comments inside an SQL keyword SLEEP. This technique doesn't successfully execute in a database as the comment is interpreted as a SPACE character. This example shows how AI will boost firepower for attackers in the future — and how Akamai is ready to defend.
The release of this AI-powered advancement builds on the proven strength of our core technology to accelerate how our protection evolves to meet AI-driven threats.
New detections — and why they matter
AI-powered WAF detections augment our leading WAAP solution with a system trained to identify malicious patterns.
Using traffic observed across critical applications and APIs worldwide, we built and trained AI models capable of:
Generating precise attack prevention logic
Identifying novel attacks
Recognizing suspicious attack behavior
These detections combine:
Self-learning, internally developed discriminative and generative AI models
Platform-scale traffic intelligence
Structured validation processes
Human threat research oversight
The result is an expanded detection layer that strengthens Adaptive Security Engine without replacing or undermining it.
Figure 2 shows how AI-powered detections identified an SQLi attack. This request was identified as suspicious by other security controls because it originated from a bot and had historical evidence of observed suspicious traffic on the platform.
Fig. 2: AI-powered detections identified a WAF attack request
This is just the start. During our research and validation phase, we found that the system is surfacing other types of attacks, such as parameter pollution or suspicious activities like probing scans.
What it means to be autonomous — and why autonomy matters
Being autonomous does not mean replacing our human threat detection expertise. It means accelerating protection evolution cycles beyond manual limits.
The advantages of an autonomous system:
It continuously analyzes live traffic patterns.
It generates candidate detections.
It validates those detections against real platform traffic.
It surfaces only high-confidence protections for expert review.
It safely deploys approved protections.
Autonomy shortens the time between:
Attack innovation → Detection creation → Production mitigation
In an AI-driven threat landscape, the compression of that cycle is a strategic advantage. Akamai WAAP has always been adaptive and automatic. AI-powered WAF detections increase the speed and precision at which that adaptation occurs.
In addition to increased autonomy, our testing has shown a zero false-positive impact. Each deployment candidate must prove measurable value before release. Protections are introduced only once they are validated across diverse traffic conditions, minimizing disruption while maximizing impact.
Another important feature is that this advancement is designed for safe, parallel execution with minimal performance impact. AI-powered detections run alongside core detections and rapid rules — not interfering with our customer-loved penalty box logic. Customers retain full visibility of the detected attacks and maintain the flexibility to configure protection according to their risk appetite.
Operationally simple, technically powerful
This enhancement to Adaptive Security Engine reinforces our commitment to simple security operations.
Included for all App & API Protector customers
No additional licensing or complex configuration
Flexible deployment modes (alert or deny)
Precise detections that eliminate the need to fine-tune for unique application implementations
Full transparency and visibility in Web Security Analytics
Responsibly building the future of adaptive defense
Attackers are leveraging AI to increase scale and sophistication. Defenders must respond with equal speed and greater discipline.
AI-powered WAF detections use internally developed models that are designed to keep safety and reliability as core principles. The models are trained on Akamai network data, specifically attack records and traffic logs, that is processed by data operations that adhere to industry compliance standards like the Payment Card Industry Data Security Standard (PCI DSS), the International Organization for Standardization (ISO), and Systems and Organization Controls 2 (SOC 2).
Data is used only after it has been comprehensively anonymized and encrypted end to end, and it is kept segregated with strict access controls to prevent unauthorized retrieval or query access.
The AI initiated protection updates undergo several inspections to ensure that system stability, security, and performance are not compromised. These inspections are automated but carefully overseen by human subject matter experts, including our threat research and security operations teams.
By augmenting our core technology engine with AI-powered WAF detections, we are:
Strengthening protection against complex attacks
Leveraging Akamai’s intelligence advantage across global traffic
Preserving expert oversight and operational trust
A transformational step in protection
This release represents a transformational step. Adaptive protection has always been the foundation of App & API Protector. AI-powered WAF detections extend that foundation, increasing detection depth, accelerating response cycles, and reinforcing protection for the critical apps and APIs you deliver every day.
Get started
Experience AI-powered WAF detections in action with a free trial of App & API Protector — and step confidently into autonomous application security.
Tags
