Akamai Builds Reputation Profiles of IP Addresses Based on Traffic Analytics

Akamai Technologies is using a data processing engine that analyzing more than two petabytes of data related to web security threats as the foundation underpinning its Cloud Security Solutions.

Akamai said it uses the resulting intelligence to continuously update and improve its “Kona Site Defender” application security rule set.  It is also using the intelligence as the framework for new services:

Kona Client Reputation: Akamai’s view of web traffic gives the company access to more web client data than any other security provider. That data, combined with a proprietary query language and advanced heuristics and algorithms creates a reputation “score” for every IP address that crosses the platform. As important, this score can adapt over time, based on ongoing data analysis of IP address activity. Potentially hazardous traffic is classified as DDoS attackers, vulnerability scanners, web attackers or web scrapers and further rated according to the likelihood of danger associated with the client. The rating system is specifically designed to give security professionals greater insight and flexibility in defining which clients to block and which to let through. Further, by injecting scores into request headers, Kona Client Reputation data can feed into back-end security systems. Internal testing of Kona Client Reputation shows the solution is able to stop an average of up to eight times as many malicious requests than using Kona Site Defender alone. Kona Client Reputation is deployed as an add‑on option to Akamai Kona Site Defender.

Improved Kona Rule Set: Responding to a consistently evolving threat landscape requires the agility to quickly block malicious activity without hampering legitimate traffic. Already proven to deliver industry leading false positive and false negative rates, the improved Kona Rule Set has been developed based on ongoing analysis of more than two Petabytes of security-related data delivered by Akamai Cloud Security Intelligence and conducted by Akamai’s threat research team. The resulting Kona Rule Set, which is available to all Kona Site Defender customers at no additional cost, has shown an approximately 30 percent decrease in reporting false positives and false negatives, helping security professionals ensure that more malicious traffic is being blocked while at the same time allowing more legitimate traffic to pass.

“Companies around the world have come to rely on Akamai’s Cloud Security Solutions to keep their web sites and applications not only up and running, but also highly performant, in the face of attack,” explained John Summers, vice president, Cloud Security, Akamai. “The Akamai Cloud Security Intelligence data analysis engine provides a solid foundation from which we’re able to make our existing Akamai Cloud Security Solutions even smarter and provide a framework upon which new cloud security solutions can be built. The ultimate goal is to continue delivering technology designed to keep our customers’ online businesses protected in the face of an ever changing threat landscape.”

http://www.akamai.com