Akamai Advances Kona Site Defender to Meet the Challenges Posed by Constantly Evolving Web Application and DDoS Threat Landscape
Unprecedented Visibility into New and Emerging Threats Intended to Help Organizations Best Defend Websites and Applications
Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today unveiled several important advances to the company’s flagship Cloud Security solution, Kona Site Defender. The updates, which address areas including Web Application Firewall (WAF) rules, faster rule implementation, and improved reporting and analytics are designed to provide customers with the knowledge, tools and technologies required to keep their websites and applications highly available while at the same time protecting critical business and customer data and information.
Kona Site Defender, which combines automated DDoS mitigation with a highly scalable and accurate WAF, is designed to provide integrated website protection against DDoS and web application attacks. Since its introduction, the technology has proven highly successful at protecting nearly 900 customers’ websites and applications from a wide range of online threats, including network- and application-layer DDoS, SQL injection and XSS attacks, all without compromising performance or the user experience. Kona Site Defender is designed to stop the largest attacks and leverages Akamai’s visibility into global web traffic to help organizations respond to the latest threats. Recent improvements to Kona Site Defender include:
- Updated WAF rules to address the newest threats – The breadth of Akamai’s globally distributed computing platform offers unprecedented visibility into how attacks evolve on the Web. Akamai uses this insight to continually develop and introduce new WAF rules to address emerging threats and help minimize any gaps in WAF protection. New WAF rules available to customers include rate controls for IPv6 attacks; protection against “HTTP.sys” vulnerabilities; the ability to check and block HTTP requests for payloads that use the non-standard system.multicall XML-RPC API; and protection against “Server Side Template Injection.”
- Faster rule propagation – Customers now enjoy rule propagation to areas under attack in less than one minute. The ability to deploy WAF rules and mitigate attacks as quickly as possible is intended to give customers the power to minimize the potential impact of threats against their sites and applications.
- Improved reporting and analytics – Based on customer request for not only real time attack intelligence but also historical data that could be used for trend analysis, the new Security Monitor in Kona Site Defender makes 72 hours’ worth of data available to users for analysis. Further, the “Header Visibility” feature allows customers to see the body of any requests that have activated triggers in Kona Site Defender, offering greater insight into why specific traffic was flagged and providing a greater level of actionable intelligence.
- Security Optimization Assistance – Kona Site Defender customers have access to a new security service that makes security experts from the company’s Global Security Services team available to their internal teams. These experts conduct periodic review of customers’ security configurations, offer recommendations and provide implementation assistance to augment their security posture through Akamai Cloud Security Solutions.
“Security would be far easier if the threat landscape wasn’t in a constant state of evolution,” explained Stuart Scholly, senior vice president and general manager, Cloud Security Solutions, Akamai. “Since that’s not the case, Akamai remains committed to using our visibility into attacks to ensure that our customers can count on Kona Site Defender to protect their websites and applications from the latest threats.”
Akamai Statement Under the Private Securities Litigation Reform Act
This release contains information about future expectations, plans and prospects of Akamai's management that constitute forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995, including statements about future business plans and opportunities. Actual results may differ materially from those indicated by these forward-looking statements as a result of various important factors including, but not limited to, a failure of Akamai's offerings or functionalities to operate as expected, a lack of market acceptance of such service offerings and functionalities, and other factors that are discussed in the Company's Annual Report on Form 10-K, quarterly reports on Form 10- Q, and other documents periodically filed with the SEC.
Akamai powers and protects life online. Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. With the world’s most distributed compute platform — from cloud to edge — we make it easy for customers to develop and run applications, while we keep experiences closer to users and threats farther away. Learn more about Akamai’s security, compute, and delivery solutions at akamai.com and akamai.com/blog, or follow Akamai Technologies on Twitter and LinkedIn.