Kona Site Defender Code

Kona Site Defender

Protect your apps & APIs against the largest and most sophisticated attacks with a web application firewall and DDoS protection at the Edge.


Edge WAF and DDoS protection

Kona Site Defender provides application security at the Edge — closer to attackers and further from your applications. With 178 billion WAF rule triggers a day, Akamai harnesses unmatched visibility into attacks to deliver curated and highly accurate WAF protections that keep up with the latest threats. Flexible protections help secure your entire application footprint and respond to changing business requirements, including APIs and cloud migration, with dramatically lower management overhead.





Customizable and automated protection

Kona Site Defender provides both customizable and automated protection in one solution, while expert-curated rule sets allow you to tailor protection for accuracy in the most challenging environments. Automated protection extends security across your entire application without taxing resources.

Advanced API security

From automated to tailored protection, Kona Site Defender secures your APIs. Fully automated protection inspects all requests for threats using a negative security model, while a positive security model only allows traffic within predefined specifications.

Zero-second DDoS mitigation SLA

Built on the Akamai Intelligent Edge Platform, Kona Site Defender is designed to protect your applications from the largest DDoS threats, instantly dropping network-layer DDoS attacks at the edge and responding to application-layer attacks within seconds.

Granular attack visibility and reporting

Executive-level dashboards and in-depth security analytics provide different views into your security events. Integration with other security solutions and security information and event management (SIEM) provides a unified view of security posture.

IP reputation (optional)

With visibility into prior malicious behavior against other organizations, the optional Client Reputation service alerts you to traffic coming from known malicious clients, using a risk score in four different categories and tailored to your organization, so you can take appropriate action.

Managed security services

If your organization doesn't have the resources or expertise to manage your WAF, Akamai provides optional managed security services to augment your team, from regular configuration tuning to 24/7 monitoring and live attack response.



1The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgement at the time and are subject to change.

2Gartner Magic Quadrant for Web Application Firewalls, Jeremy D’Hoinne, Adam Hils, Claudio Neiva, Rajpreet Kaur, 17 September 2019.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Akamai.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.