The product is used as a web application firewall for Layer 7, Layer 3, and Layer 4 DDoS protection. It is also used for caching, acceleration, and faster delivery.
Security Analyst at a financial services firm with 10,001+ employees
Real User
2023-04-19T16:56:00Z
Apr 19, 2023
I am currently working on a use case involving vulnerabilities and deferral requests made by individuals seeking to complete their remediation. These vulnerabilities are categorized and require an SLA for remediation based on their severity. If a certain category of vulnerability cannot meet the mitigation deadline, it must be approved. I am responsible for explaining why mitigation is impossible, the remediation time frame, and the holdup. My approach to addressing vulnerabilities is to evaluate the risk from Akamai WAF's perspective and the application's exposure. I review the WAF for external vulnerabilities to determine if the specific issues have been addressed. The adaptive function of the WAF is powerful, as it can detect suspicious behavior and pick up on issues. The adaptive role sets and behavioral activities seem to be very effective in this regard. Additionally, the WAF can share information such as IP ranges or addresses associated with certain kinds of activity. If a threat is detected on one WAF, it may be blocked across all WAFs owned by different enterprises. As for my understanding, I cannot say for certain. While I am not entirely sure about how the WAF works in sharing information and blacklisting potential threats, I believe it is an effective solution. However, I would caution against quoting me on this as I may not have all of the information. So, that's a very powerful feature. However, assessing when something is not explicitly described in the rule set can be challenging. It's difficult to determine if it's being prevented or not. But, I have noticed that it's very effective at preventing people from even being able to identify the existing vulnerabilities. This is a great prevention measure, and it can adapt to different situations by considering various factors, including those specific to the WAF and threat intelligence data. It seems to work really well, but I can't speak to the overall effectiveness of all the activities.
I provide a service. We manage the Akamai service for our customers. Our customers are predominantly government agencies and medium-sized companies, and banks.
Solutions Architect, Cloud & SDDC at NCS Pte. Ltd.
Real User
2020-06-08T06:11:08Z
Jun 8, 2020
We have multiple use cases but the solution is primarily for content delivery network. The product has multiple features so we area also using it as a wall. It's really a combination between a CDN and a WAF. We also use Adidol switches. We are partners with Akamai and I'm a cloud solution architect.
Akamai App and API Protector provides website security by preventing DDoS attacks, acting as an application firewall, managing content delivery, and monitoring APIs. It adapts to threat profiles and is used for fast media delivery and identifying malicious activities.Akamai App and API Protector offers strong protection, adaptable security features, and efficient traffic management. Its WAF blocks IP addresses and country-specific threats while preventing SQL injections. Companies utilize it...
The product is used as a web application firewall for Layer 7, Layer 3, and Layer 4 DDoS protection. It is also used for caching, acceleration, and faster delivery.
I am currently working on a use case involving vulnerabilities and deferral requests made by individuals seeking to complete their remediation. These vulnerabilities are categorized and require an SLA for remediation based on their severity. If a certain category of vulnerability cannot meet the mitigation deadline, it must be approved. I am responsible for explaining why mitigation is impossible, the remediation time frame, and the holdup. My approach to addressing vulnerabilities is to evaluate the risk from Akamai WAF's perspective and the application's exposure. I review the WAF for external vulnerabilities to determine if the specific issues have been addressed. The adaptive function of the WAF is powerful, as it can detect suspicious behavior and pick up on issues. The adaptive role sets and behavioral activities seem to be very effective in this regard. Additionally, the WAF can share information such as IP ranges or addresses associated with certain kinds of activity. If a threat is detected on one WAF, it may be blocked across all WAFs owned by different enterprises. As for my understanding, I cannot say for certain. While I am not entirely sure about how the WAF works in sharing information and blacklisting potential threats, I believe it is an effective solution. However, I would caution against quoting me on this as I may not have all of the information. So, that's a very powerful feature. However, assessing when something is not explicitly described in the rule set can be challenging. It's difficult to determine if it's being prevented or not. But, I have noticed that it's very effective at preventing people from even being able to identify the existing vulnerabilities. This is a great prevention measure, and it can adapt to different situations by considering various factors, including those specific to the WAF and threat intelligence data. It seems to work really well, but I can't speak to the overall effectiveness of all the activities.
I provide a service. We manage the Akamai service for our customers. Our customers are predominantly government agencies and medium-sized companies, and banks.
We use Akamai Kona for our cloud services.
We primarily use the solution as an application firewall.
We have multiple use cases but the solution is primarily for content delivery network. The product has multiple features so we area also using it as a wall. It's really a combination between a CDN and a WAF. We also use Adidol switches. We are partners with Akamai and I'm a cloud solution architect.
We use this solution primarily to prevent DDoS attacks.
We're using it as DDoS on a basic WAF. We use a hybrid cloud deployment model.
We use it for website protection.