Web Application Protector is designed to easily safeguard web assets from DDoS and web application attacks, while improving performance. Built on the globally distributed Akamai Intelligent Edge Platform™, Web Application Protector offers quick installation and self-deploying rules for high performance, scalability, global security intelligence, and operational simplicity.
Keep protection current
WAF leverages insights gained from hundreds of Akamai security experts and the latest machine learning algorithms — analyzing several petabytes of threat data — to keep protections current. With automatic rule updates, you don’t need to keep track of the latest security threats yourself.
Detect threats out of the box
Akamai interacts with 1.3 billion devices and harvests 130 TB of threat data every single day, discovers new threat vectors as they evolve, and continuously updates WAF rules. Akamai WAF detection logic is so advanced that it often catches zero-day attacks.
Deploy and manage easily
A sophisticated security tool doesn’t need to be complex. Web Application Protector uses automation to simplify the setup and tuning of security policies. It bundles rules and detection logic into eight categories for easier tuning, and they’re updated on an ongoing basis by Akamai security experts.
Protect your growing attack surface
Today’s more digitally connected environments process more API traffic than ever before. Web Application Protector extends the same high level of protection to your APIs, automatically inspecting all JSON and XML content for risks.
Control bot traffic
Don’t let the wrong kind of traffic slow down or interrupt your online business. Web Application Protector stops noisy bots, preventing large volumes of automatic traffic from overwhelming your applications or infrastructure.
Secure applications across environments
Protect your applications wherever they reside ― on premises, in the cloud, or across multiple cloud providers ― with a single security solution. Respond quickly to business needs by simplifying security management.
Online traffic connects to your web applications through the closest Akamai edge server with Web Application Protector. The server inspects web traffic to detect and block DDoS and web application attacks, while delivering web content to legitimate users. Backed by the Akamai Intelligent Edge Platform of more than 240,000 servers around the world, Web Application Protector is designed to scale to stop the largest attacks at the edge ― before they reach your applications.
Web Application Protector DDoS and application-layer security simplify the task of securing your applications with automated updates to security protections. With visibility into attacks against thousands of Akamai customers, advanced machine learning algorithms continuously refine security policies — and transparently update your configuration without requiring human intervention.
Web Application Protector allows you to deploy your security configurations in just a few clicks to protect your applications faster.
By evaluating changing attack patterns on the Akamai platform and updating detection logic, Web Application Protector provides precise threat identification without requiring you to manage security policies.
Automatic API inspection
Web Application Protector automatically inspects JSON and XML traffic for attacks using the same signatures as traditional web traffic.
Defending your applications from DDoS attacks, Web Application Protector is designed to automatically drop network-layer attacks at the edge and respond to application-layer attacks within seconds to minimize any downtime.
Leveraging visibility into the latest attacks on the largest online organizations, Akamai continuously and transparently updates Web Application Protector security protections to save you time and effort.
Benefit from performance enhancements on the Akamai content delivery network, such as advanced offload capabilities, to improve website performance even when under attack.
Akamai Identified as a Web Application Firewall Leader by Independent Research Firm1DOWNLOAD FULL REPORT
Akamai Identified as a Leader In 2018 Gartner Magic Quadrant for Web Application Firewalls for Second Consecutive Year2DOWNLOAD FULL REPORT
Learn why Akamai leads vendor comparisons in multiple categories.Download the Report
Advanced threat research and intelligence to help manage security risks and protect against cyber attacks.Learn More
Hybrid cloud security
Security teams responsible for protecting applications deployed across multiple cloud environments can leverage a single set of controls to maintain a consistent security posture. Akamai security makes it easy for you to scale resources to quickly meet business demands.
Web Application Protector provides always-on protection for DDoS attacks. Supported by the Akamai Intelligent Edge Platform that delivers more than 72-82 Tbps of traffic, Web Application Protector is designed to respond to network and application-layer attacks within seconds with the capacity to absorb the largest, most aggressive DDoS attacks.
Web Application Protector provides fully automated API security. Detection logic automatically inspects JSON and XML requests for risks without special configuration. Easy-to-tune detection logic allows you to adjust settings for your specific business needs.
10 Myths in Selecting a Web Application Firewall
Securing your web applications can be a daunting task, especially without dedicated security staff or training. Discover the myths surrounding Web Application Firewall (WAF) solutions and how you can make the best choice for your organization.Download Now
Web Application Protector Product Brief
Web application and DDoS protection that is fast to deploy and easy to manageDownload Now
Does My Enterprise Need Web Application Security?
Learn about the risks and damages from DDoS and web application attacks, how DDoS attacks have changed, and what motivates web application attackers.View the Infographic
Cloud Security Buyers Guide
In this buyer’s guide, we discuss how you can augment your data center infrastructure with web application security in the cloud for a more robust defense. We present Akamai’s approach to web application protection, as well as the approaches of other vendors. We also look at some common but sometimes misleading metrics, to make you a more informed buyer.View the Brochure
Akamai Solutions Brief for Web Performance & Security
Whether you sell to online customers, manage partners in an increasingly global supply chain, or connect with contributing employees from around the world, your business is more and more dependent on the web to be fast and secure to succeed. Akamai can help you navigate challenges and deliver the best web experience to your customers.View the Brochure
State of the Internet / Security Reports
Discover Akamai’s quarterly security report and related materials, including executive summaries, infographics, webinars, videos, and more.Learn More
API Security Trends 2018
Denial of service, web application-layer attacks, credential abuse, and IoT — these are the attack trends and vectors that make headlines in 2018. Ryan Barnett of Akamai offers insight into how to prepare your defenses.Learn More
Trends in the cost of denial-of-service and web application attacks
Ponemon Institute has released a report revealing that the costs organizations face from web application attacks and denial-of-service (DoS) attacks can easily add up to millions of dollars, based on surveys of more than 600 IT professionals.Learn More
Douglas Omaha Technology Commission
DOTComm Eliminates False Positives and Hundreds of Hours Managing SSL Certificates With Akamai Web Application ProtectorRead More
Akamai helps to deliver, optimize, and secure ZALORA’s platform globally.Read More
Webinar: Does My Company Need Web Application Firewalls
In this on-demand webinar, you'll learn why you need a Web Application Firewall along with the top considerations for selecting a WAF solution.Watch the Video
Website & API Security: DDoS & Web Application Threats & Protection
Your customers need your website, application, or API, so you need security. Get answers about the attacks you will face as well as how DDoS and web attackers choose their targets.Watch the Video
Smartest Protection Against DDoS Attacks
DDoS attacks can bring down your business and threaten your customer relationships. With this video, discover more about the smartest way to protect your revenue and your reputation with a world-class cloud security strategy.Watch the Video
ZALORA CTO on solving security issues in the Asian market
ZALORA is the fastest-growing online fashion retailer in Asia. From battling against bots scraping their prices, to shaving seconds off of page speed for mobile users in Indonesia and the Philippines, Karthik Subramanian, CTO & Co-founder, talks about his journey of finding solutions that fix their security and performance challenges.Watch the Video
1The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgement at the time and are subject to change.
2Gartner, Magic Quadrant for Web Application Firewalls, Jeremy D'Hoinne | Adam Hils | Ayal Tirosh | Claudio Neiva, 29 August 2018.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Akamai.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.