What needs improvement with Akamai Kona Site Defender?

In terms of improvement, from my point of view, it may seem a little selfish to comment as we focus on CVEs. On the other hand, Akamai addresses only the big pressing issues explicitly in their rule set. Though this is the right approach as vulnerabilities change over time, and there are an enormous amount of CVEs to block individually, Akamai needs to focus on quickly responding to risks, even those that may potentially be of zero threat in a day. While I don't believe they claim to prevent all attacks, Akamai's WAF seems very effective in preventing people from scanning for vulnerabilities. It can adaptively make decisions based on a variety of factors, including specific WAF data and threat intelligence. While I can't speak to the totality of their activities, I do know that they quickly patch any effective workarounds discovered, even before the issue is publicly released. While there are certain complexities in the security environment and many variations on the same types of attacks, Akamai's WAF seems to work very well. Majorly, there are an awful lot of complexities in many ways, including the variations it provides to do the same thing. There is a really high volume of attacks, and the tool seems to work very well, as far as I can tell. From my perspective, the setup wasn't easy, but I could do it pretty quickly and get my head around how it was working. I think the interface is pretty slick because they were tracking many different factors, not just for Akamai Kona Site Defender but for other tools in there as well. Specific patterns or time patterns rolled up might be interesting to see for time frames, and there may actually be a way of doing it that I just haven't found yet. However, that's a little outside the realm of what I'm doing, so I'm not too concerned about it. I don't really have an issue with what they've done. Maybe some of the documentation is a little confusing. They have a lot of different places where you can go to get information, and some of the information is quite out of date. They have stopped 2018, which predated the release of the adaptable test. When I started out, I was wrong with my or maybe I have a big list of CVEs and everything, but I think that they feel like Akamia’s real set of rules would be able to block vulnerabilities if you don't have an accept or whatever. It doesn't really work that way unless they're right to do it that way or to not do it that way. They call out really big things like Struts vulnerability, Log4j, and any vulnerabilities like that. They will do a press release or a blog post that basically states that they have taken care of it, and this is the rule number that one should look for depending on one's implementation. So, I feel that's great and really helpful. That's the sort of thing I want to know. From a purely self-testing perspective, it's lovely to have the mapping for every single CVE, but I understand why they don't, and I think it's right not to provide such a feature. I think the idea is that you have to look at it specifically for what they needed to do and where they're operating. One can reach out to Akamai's support easily, and there have been a handful of situations where I don't feel comfortable sharing certain details. When I've reached out to the support team through our engineering teams, things have been quite helpful, so that's good.

They are already very flexible, but room for improvement is there. Reports generation could be better and should be improved.

Support and the pricing need to improve. I would rate this area a six out of ten.

The product really isn't very user-friendly. They could improve it so that it's easier for their customers to navigate and use. From a management perspective, it's difficult. Managing these rules with the product isn't easy. It is not taking into account that this might be used by somebody who doesn't necessarily excel in IT. It should be more accessible to everyday users. For example, report generation should be much simpler to handle. It shouldn't be a complex task. The pricing could be reduced a bit. They should provide an image optimizer and have it included within the package due to the fact that ultimately all websites that have high content are looking for this.

I think there could be an improvement with the integration of more features for each security. Possibly inline IPS and more granularity for configuration. I'd like to see incremental or integrated security features or maybe even for our transit anti-malware. It goes hand in hand with things like DLP.

The interface is a little bit clunky and can be improved. It takes a while to get from here to there.

The WAF features definitely have a lot of room for improvement. A lot of the WAF is really basic. For some products or some of our solutions, we need to run a second layer of more advanced WAF. If it had better layer seven protection then we would not need a second WAF. We use Akamai because it's good at what it does. There are some other things that we would like it to be good at and it's not that good. Quality of protection is our primary concern. We need more advanced layer seven protection, SQL injection, applied scripting, and more confidence in the precision of the system. I think all of those things would be very useful for us.

* I would like to see some non-related reputation categories. If they had some way of detecting activity on their platform, that would be helpful. * Web request analytics is hard to do between them and us. * There are some issues with pushing configurations across a network. It still takes about 20 minutes and that means to retract it's another 20 minutes. * Also, some of their monitoring dashboards that show us what's hitting us, and with which we analyze, have room for improvement.