Kona Site Defender

Integrated protection for websites and APIs against sophisticated DDoS and web application attacks

For organizations that do business online, Kona Site Defender provides broad protection for critical web applications against the largest and most sophisticated DDoS and web application attacks. KSD includes robust security protections for websites and APIs, updated by the industry’s best threat research team to help organizations to keep up with evolving security threats. Organizations can customize KSD protections for their unique application requirements. KSD is an integral part of Akamai’s edge security solutions, which allow organizations to increase the security posture as their business requires or the shifting threat activity may demand. They can do so either independently or using Akamai managed security services.

Real Time Web Attack Monitor

Real Time Web Attack Monitor

Akamai Simplified Security Video
???Watch the Video???

Customers Trust in Akamai to Resolve their Security and Performance Concerns

DDoS and Web Application Protection

Kona Site Defender provides a flexible application security solution protecting websites and APIs against DDoS and web application attacks. It combines Akamai’s proprietary WAF rule set, created and automatically updated based on visibility into the latest attacks with protections that organizations can customize for their specific business needs. Optional add-ons are available to build a defense-in-depth security posture: Client Reputation to provide further threat intelligence, Fast DNS to protect your DNS layer, and Bot Manager to manage and mitigate bot traffic.

Built on the globally distributed Akamai Intelligent Edge PlatformTM, Kona Site Defender not only provides protection at scale but also security without compromise, allowing you to deliver a supreme end-user experience to your customers, even when under attack.

Kona Site Defender provides a flexible solution with access to an industry leading Professional Services team that can service your security needs over the long haul.

Akamai is used by 6,000 of the largest online companies, including the top 30 media and entertainment companies, the top 20 global online retail sites, 150 of the world’s leading news portals, and 100 of the world’s largest banks. The popularity and ubiquity of our platform gives us visibility into the disposition of both legitimate and malicious traffic, across geographies and industry verticals. That visibility, along with our Cloud Security Intelligence data analysis engine, allows us to deliver customizable, flexible, accurate and scalable application and mobile security.

Secure business innovation, customer loyalty, and brand equity

Attack surfaces keep shifting. Attacks keep getting bigger and more targeted. Trust based on location is no longer relevant. Digital transformation results in more complex systems, which ultimately result in even more risk. Leverage Akamai edge security to become a business enabler, reduce the attack surface, and harness the power of the cloud by mitigating attacks where they are generated.

Protect your APIs and native mobile apps

Businesses depend on APIs to grow and interconnect with customers and partners. APIs have become a favorite of application developers and malicious attackers alike. Protecting this critical lifeline is vital for every business. KSD’s powerful rule sets protect APIs with negative and positive security models to provide maximum protection.

Reduce security complexity and streamline operations

Maintaining the highest level of protection can stretch the limits of your security teams. Not every web property needs the same amount of fine tuning. This is why KSD offers automated protection capabilities to offload your security teams. Automated updates always provide the newest protection rules against the latest and evolving threats. Security teams can focus their skills where they are most needed.

Security for DevOps

Enterprises are increasingly embracing cloud technologies, automation, and DevOps practices. Now security is an integral part of these agile development processes. With Kona Site Defender, organizations have a way to programmatically update security controls and tie them into their development and CI/CD processes.

Improved reporting and analytics

Every security team knows that their success relies heavily on the ability to maintain an optimal security configuration. Any misconfiguration can result in malicious or undesired traffic reaching the application — or worse, legitimate traffic being blocked. Web Security Analytics provides a single pane of glass across all security events, to perform analysis of events, and to evaluate any needed changes required to maintain an optimal security configuration

Maintain application performance even under attack

The Akamai Intelligent Edge Platform™ extends from your on-premises and cloud based infrastructure to your users, enabling you to maximize agility while increasing performance and reducing risk associated with application attacks.

Akamai Intelligent Edge Platform™

Built on the Akamai Intelligent Edge Platform™, Kona Site Defender extends your security infrastructure to the network edge and stops attacks long before they can reach your applications.

DDoS Protection

Kona Site Defender defends your applications from the largest DDoS attacks, automatically dropping network-layer attacks at the edge and responding to application-layer attacks within seconds — minimizing any potential downtime.

Web Application Firewall

Kona Site Defender includes a highly scalable web application firewall that protects you from application-layer threats with an automated and highly customizable rule set.

API Protection

Kona Site Defender provides API-centric protections against DDoS and parameter-based attacks automatically inspecting API traffic. KSD allows organizations to define their APIs and what good traffic looks like, and block abnormal access and API requests.

Rule Updates

With visibility into the latest attacks against the largest and most frequently attacked organizations online, Akamai continuously and transparently updates Kona Site Defender’s security rule set, while leaving you in complete control.

Virtual Patches

Kona Site Defender provides a virtual patch for your applications, protecting against a broad range of known vulnerabilities out of the box and offering custom rules to quickly secure new vulnerabilities or simply tailor protection for your website traffic.

100% Availability and Uptime

Kona Site Defender is built on a highly resilient and self-healing platform that comes with a 100% uptime SLA.

Improved Performance

Benefit from performance capabilities built into the Akamai CDN, such as caching, advanced offload capabilities, and TCP optimization, to improve website performance for users even through the largest attacks.

Management APIs

Management APIs for common configuration tasks enable organizations to integrate security controls into their software development and delivery pipeline.

Advanced Reporting and Analytics

Detailed assessment of security events allows your security team to better evaluate changes needed to maintain an optimal security configuration tailored to your specific business needs.

DDoS Protection

Kona Site Defender provides always-on protection against the largest DDoS attacks. It responds to network and application-layer attacks within seconds, and builds on the intelligent edge platform that delivers more than 61 Tbps of traffic. It has the capacity to absorb the largest attacks.

Web Application Protection

The web application firewall includes a rich collection of pre-defined and configurable application-layer firewall rules. Rule accuracy is driven by Akamai’s unique visibility into 15 to 30% of the world’s web traffic and across various industries.

API Protection

Kona Site Defender uses positive and negative security models for increased protection of APIs from malicious calls and DDoS attacks. Customers can define which types of requests and calls are allowed. Kona Site Defender will inspect the JASON and XML content in the API body and path parameters for risky content.

Security for DevOps

Enterprises are increasingly embracing cloud technologies, automation, and DevOps practices, as well as the need to integrate security with their agile development processes. With Kona Site Defender, organizations have a way to programmatically update security controls and tie them into their development processes. Kona Site Defender provides organizations with a range of management APIs that enable developers and administrators to integrate common security configuration tasks into the CI/CD process.

Akamai Insights

1The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgement at the time and are subject to change.

2Gartner, Magic Quadrant for Web Application Firewalls, Jeremy D'Hoinne | Adam Hils | Ayal Tirosh | Claudio Neiva, 29 August 2018.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Akamai.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.