Akamai Introduces Industry's First Cloud-Based, Distributed Web Application Firewall Service

Cambridge, MA |

Akamai Technologies, Inc. (NASDAQ: AKAM), the leader in powering video, dynamic transactions and enterprise applications online, today expanded its cloud-based suite of security capabilities with the introduction of its Web Application Firewall managed service. Implemented on Akamai's EdgePlatform™, the world's largest distributed computing system, the service provides a scalable edge defense system for blocking Web application attacks in the cloud.

Based on the open source ModSecurity™ Core Rule Set supported by Breach Security, the Akamai Web Application Firewall service is designed to protect against the most common and harmful types of attacks and exploitation techniques such as SQL Injection, Cross Site Scripting (XSS) and other Open Web Application Security Project (OWASP) Top-10 attacks.

The Akamai Web Application Firewall service provides customers with a unique approach to easily and economically defend their Web applications. With no hardware to manage or maintain, customers manage their own security rule set through Akamai’s customer portal. Additionally, the Akamai Web Application Firewall service helps enable Payment Card Industry (PCI) Data Security Standard compliance.

As enterprises have increasingly migrated from the desktop to the Web – relying more and more on the Internet for mission-critical data and operations – the scale and severity of attacks launched on Web sites and applications have continued to grow. Estimates show that cyber crime now cost businesses approximately $1 trillion a year.1 As research reveals, the enormity of this expense is due in large part to the fact that more than 95 percent of corporate Web applications have severe vulnerabilities.2

"While threats to network and information security will always exist, the complexity and scale of cyber attacks is exploding, forcing enterprises to face the daunting challenge of defending an increasingly porous perimeter," said Tom Leighton, co-founder and chief scientist, Akamai. "Cloud-based security offers an innovative approach to helping organizations overcome the limitations of traditional perimeter solutions by adding a globally-distributed layer to their defenses. We believe our service is also essential for cloud computing, as infrastructure is shared across multiple customers. When leveraging shared computing resources, it is vital that your application does not become compromised by an attack directed at another enterprise."

"The Akamai Web Application Firewall service is designed to secure enterprises at the HTTP application layer by enabling both instantaneous scaling of defenses as needed, as well as filtering of corrupt traffic as close to the attack source as possible," said Andy Ellis, chief security architect at Akamai. "Attacks vary in degree from small and devious, to large and brute-force; and Akamai's Web Application Firewall is the right architecture to address both. We've defended customers from application layer attacks on the magnitude of over 100 Gbps, demonstrating that massive distribution at the edge is critical as malicious activity grows in size and complexity."

The Akamai Web Application Firewall service is available today. To learn more about Akamai's comprehensive suite of cloud-based security offerings, please visit www.akamai.com/security.

Akamai also released today the following four white papers available at www.akamai.com/security.

Akamai Information Security Management System Overview – how Akamai secures its network and thus its customers' content.

Akamai Security Capabilities: Protecting Your Online Channels and Web Applications – available capabilities and explicit products and services from Akamai to help enterprises from IP-, DNS-, and Application-layer based threats.

Leveraging Cloud Security to Weather Threatening Storms: How to Defend Your Perimeter from Today's Outsized Threats – why cloud-based security is needed against current and future threats, including massive DDoS attacks.

Understanding Web Application Security: Defending the Enterprise's New Porous Perimeter by Extending Security to the Edge – how Akamai Web Application Firewall can secure applications.

The Akamai Difference

Akamai® provides market-leading managed services for powering video, dynamic transactions, and enterprise applications online. Having pioneered the content delivery market one decade ago, Akamai's services have been adopted by the world's most recognized brands across diverse industries. The alternative to centralized Web infrastructure, Akamai's global network of tens of thousands of distributed servers provides the scale, reliability, insight and performance for businesses to succeed online. Akamai has transformed the Internet into a more viable place to inform, entertain, advertise, interact, and collaborate. To experience The Akamai Difference, visit www.akamai.com.

Akamai Statement Under the Private Securities Litigation Reform Act

The release contains information about future expectations, plans and prospects of Akamai Technologies, Inc.'s management that constitute forward-looking statements for purposes of the safe harbor provisions under The Private Securities Litigation Reform Act of 1995. Actual results may differ materially from those indicated by these forward-looking statements as a result of various important factors including, but not limited to, the effects of any attempts to intentionally disrupt our services or network by hackers or others, failure of technology to accurately detect the locations of end users, malfunctioning systems so that data is not automatically or continuously updated and other factors that are discussed in the Company's Annual Report on Form 10-K, quarterly reports on Form 10-Q, and other documents periodically filed with the SEC.

1. http://www.mcafee.com/us/about/press/corporate/2009/20090129_063500_j.html 
2. http://www.darkreading.com/security/app-security/showArticle.jhtml?articleID=211201218