Kona Site Defender provides application security at the Edge — closer to attackers and further from your applications. With 178 billion WAF rule triggers a day, Akamai harnesses unmatched visibility into attacks to deliver curated and highly accurate WAF protections that keep up with the latest threats. Flexible protections help secure your entire application footprint and respond to changing business requirements, including APIs and cloud migration, with dramatically lower management overhead.
Kona Site Defender employs a proprietary anomaly detection engine designed to deliver the highest accuracy out of the box. Threat researchers and machine learning algorithms continuously identify anomalies, while testing new rules and updates against live traffic with the goal of maintaining the lowest false positives and negatives and stopping the latest threats against continuously evolving application environments.
Whether they're deployed on-prem or across multiple cloud providers, whether they're traditional websites or web APIs, or whether you have a single application or hundreds, Kona Site Defender helps you protect all of your applications with a single, easy-to-manage solution to maintain a consistent and up-to-date security posture — even as the applications you're protecting continue to change.
You need application security that can be customized for your unique requirements and the organizations you support. Kona Site Defender provides you with total flexibility ― integrating into change control, automating protections, providing APIs for your development toolchain, and offering managed services that offload security management, monitoring, and mitigation to Akamai experts 24/7.
Customizable and automated protection
Kona Site Defender provides both customizable and automated protection in one solution, while expert-curated rule sets allow you to tailor protection for accuracy in the most challenging environments. Automated protection extends security across your entire application without taxing resources.
Advanced API security
From automated to tailored protection, Kona Site Defender secures your APIs. Fully automated protection inspects all requests for threats using a negative security model, while a positive security model only allows traffic within predefined specifications.
Zero-second DDoS mitigation SLA
Built on the Akamai Intelligent Edge Platform, Kona Site Defender is designed to protect your applications from the largest DDoS threats, instantly dropping network-layer DDoS attacks at the edge and responding to application-layer attacks within seconds.
Granular attack visibility and reporting
Executive-level dashboards and in-depth security analytics provide different views into your security events. Integration with other security solutions and security information and event management (SIEM) provides a unified view of security posture.
IP reputation (optional)
With visibility into prior malicious behavior against other organizations, the optional Client Reputation service alerts you to traffic coming from known malicious clients, using a risk score in four different categories and tailored to your organization, so you can take appropriate action.
Managed security services
If your organization doesn't have the resources or expertise to manage your WAF, Akamai provides optional managed security services to augment your team, from regular configuration tuning to 24/7 monitoring and live attack response.
Kona Site Defender Product Brief
Learn how to protect mission critical websites from downtime and data theft.Download the Product Brief
Forrester Wave™ for Web Application Firewalls, Q2 2018
Forrester evaluated the 10 most significant WAF vendors and named Akamai Web Application Firewall as an industry leader.Download the Report
2019 Gartner Magic Quadrant for Web Application Firewalls
Gartner named Akamai as a leader for a third year in a row, with capabilities including DDoS protection, bot mitigation, API protection, and WAF.Download the Report
Gartner: 2018 Critical Capabilities for Cloud Web Application Firewalls
Akamai received the highest scores for web-scale critical business applications and mobile applications.Download the Report
Strategies for API Security
Cyberattackers are targeting the application programming interfaces (APIs) used by businesses to share data with customers. In this white paper you will learn about APIs, how and why they are targets for attacks, security models, and how Akamai can help.Download the White Paper
Akamai protects CashFlows' critical payment systems from both targeted and distributed cyberattacks using their worldwide network of hundreds of thousands of servers, massive bandwidth, and world-class security systems and knowledge.Read More
Health and Sports Nutrition Group's online business can sleep safely at night, knowing Akamai is protecting their website.Read More
Luisa Via Roma
Italian luxury fashion retailer relies on Akamai to protect against bots, DDOS & malicious attacks, while driving web performance & revenue.Read More
MailChimp pursues global growth with Akamai protection solutions in place.Read More
Xero delivers a fast and secure digital experience to subscribers of their cloud-based accounting software.Read More
Cloud Security in Akamai Developer
Learn how Akamai helps keep your infrastructure, websites, applications, APIs, and users safe with the world's only intelligent edge security platform.Learn More
Akamai Launchpad: Secure Your Site Against Severe Threats
Akamai Launchpad is a new, free learning platform with a range of interactive courses designed to teach you how to use Akamai products and tools to improve security and performance.Learn More
Application Security API
Learn how to manage the Web Application Firewall (WAF) configuration for your Akamai security products.Learn More
Akamai CLI for Application Security
Learn how to manage security configurations for Kona Site Defender and Client Reputation.Learn More
Announcing Updates to Akamai's Cloud Security Products
Learn about the latest product enhancements from the world's only intelligent edge security platform.Read the Blog
Announcing Updates to Akamai's Security Configuration Application
Learn about the recently completed fourth and final phase of our UX upgrades in the Akamai Security Configuration application.Read the Blog
"Akamai has an excellent product that we are able to manage with a small but capable devops team. They have improved the availability of self-service APIs that allow us to automate Akamai endpoint management via our fully programmatic devops stack, CI and CD. The Akamai solution is at the premier price point and requires good understanding to make the most of..."Read Full Review
“The evolution of the products and the need to be constantly in front of all of the changing digital threat requires security to be not a mind set but a behaviour when either developing new sites/application or remediation of legacy environment Akamai are a strong partner and provide thought leadership around solutions and environmental threats. The platform allows flexibility and quick remediation.”Read Full Review
“No vendor/company is perfect, but Akamai is as close as I've seen. Typically, if they offer a product it does exactly what it says it does and the services staff are very good at their jobs. They're widely experienced, well trained, and technically competent beyond what we typically see with vendors...”Read Full Review
Learn why Akamai was recognized by Gartner as a WAF MQ Leader — for the third consecutive year — in this new market evaluation of 12 WAF vendors.2READ THE REPORT
Akamai Launchpad is a new, free learning platform with a range of interactive courses designed to teach you how to use Akamai products and tools to improve security and performance.LEARN MORE
Akamai Identified as a Web Application Firewall Leader by Independent Research Firm1DOWNLOAD FULL REPORT
Learn why Akamai leads vendor comparisons in multiple categories.Download the Report
Advanced threat research and intelligence to help manage security risks and protect against cyber attacks.Learn More
1The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgement at the time and are subject to change.
2Gartner Magic Quadrant for Web Application Firewalls, Jeremy D’Hoinne, Adam Hils, Claudio Neiva, Rajpreet Kaur, 17 September 2019.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Akamai.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.