The Akamai Blog

This post discusses how Guardicore Labs helps Guardicore customers and the security community enhance their security posture.

The new purge by cache tag functionality in Akamai?s Fast Purge is now available to all Akamai content delivery product customers. To get to this point, we went through an exciting, year-long beta with more than 200 participants purging ~200,000,000 tags. During this time, we noted some fascinating (and surprising) ways that customers leveraged tags in their caching strategy -- we?ll share our six favorite here.

Like with any technology, Docker too has its security concerns. Learn the Docker security best practices that will help keep your infrastructure and applications secure.

Here at Akamai, we believe every person is important, and that no one should be left out. Our internal culture is cultivated by looking outwards, into the community, to make the life of our society better. Not only do we...

Have you ever wondered what it might be like to see inside one of the biggest tech companies in the world? Well, we're starting a new series of blogs to give you the insight you've never had before. Akamai's innovations...

Security Misconfiguration exposes networks to risk on premises and the cloud. What do you need to know to limit firewall security misconfiguration?

Twenty years ago it would be common to have multiple data centers load balanced with specialized devices. The applications in multiple data centers would use the Domain Name System (DNS) to look up the application destination. The DNS system would be set up to with multiple data center locations. This would "round robin" the results between the data centers. If you have four data centers, the customers would get "round-robined" between each data center.

Everyone and everything on the Internet depends on the Domain Name System (DNS) being functional. The DNS has been a common vector for attacks in recent years, and 2019 seems to be no different. Many of these attacks have goals far more sinister than simply taking a company offline or defacing a website; reported attacks include redirecting some or all of an organization's domain to gain access to protected resources, intercept traffic, and even obtain TLS certificates for that domain. Organizations should perform regular DNS reviews and audits. The following guidelines provide a starting point for your review.

When it comes to phishing, criminals put a lot of effort into making their attacks look legitimate, while putting pressure on their victims to take action. In today's post, we're going to examine a recent phishing attempt against me personally....

Learn about the new vulnerability that was found in Debian?s Advanced Package Tool that allows for easy lateral movement in data center.

For many, Point of Sale systems are the weakest link in the IT security chain. Learn the microsegmentation policies that can make a difference.

It is possible that the need to upgrade and replace systems in the lead-up to 2038 will force the retirement of some remaining IPv4-only systems and networks.

The breathtaking pace at which everyone and everything is becoming connected is having a profound effect on digital business, from delivering exceptional experiences, to ensuring the security of your customers, applications, and workforce....

By the numbers, Akamai's scale, reach and ability to help brands connect users to immersive and immediate online experiences while protecting their businesses from threats, is quite impressive. While I'm proud that Akamai connects with billions of devices daily and...

Honeypots are a popular way to protect data centers and learn about attackers. Learn the difference between high and low interaction honeypot security.

Over the past year, Akamai Enterprise Threat Research team monitored the usage of one particular phishing toolkit in the wild. We previously wrote about this phishing toolkit as "Three Questions Quiz". The "Quiz" toolkit is not new to the threat landscape, as its been used in many phishing campaigns in recent years. Our goal here is to present new insights on the evolution and scale of usage of the toolkit in the wild. The most surprising insight was the variety of commercial brands being abused as part of these phishing scams that were all using the same toolkit, but wearing a different face.

We continuously find that the most basic attack methods that worked ten years ago still work and will probably continue to be effective in the future.

Rumi said, "Clean out your ears, don't listen for what you already know." And that's exactly what leaders at Akamai India did during the pilot event of Flip, a reverse mentoring event, held earlier this month. High potential women from...

Continuous monitoring of the Akamai Edge Platform for security vulnerabilities is an integral part of all engineering efforts at Akamai. In addition to our internal vulnerability management program, we engage with third-party assessors to periodically perform external scans of our systems since this is required for compliance with security standards such as PCI DSS and FedRAMP.

Learn mitigation options that prevent your site from JavaScript skimmer code threats and protects your customers.