App and API Security | Akamai

With the rise in web applications and APIs, attacks targeting these systems continue to escalate. Cybercriminals are always on the lookout for zero-day vulnerabilities, and new threats are emerging every day. Therefore, it is imperative to stay abreast of the latest attack vectors and mitigation strategies.

In this webinar, Akamai presents its research on the top web application and API attack trends. We will share insights on the current attack trends impacting the Asia Pacific and Japan (APJ) region collectively. Our research also covers where adversaries are focusing their attacks on and what their preferred attack techniques are.

Join us for this session to understand:
- Latest web application and API attack trends in APJ
- Common attack vectors and techniques used by adversaries
- Top countries and industry verticals affected by attacks
- Recommended mitigation strategies

Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai
Moderator: Garion Kong, CISSP, CCSP, President, (ISC)² Singapore Chapter

In today’s connected world, securing web applications and APIs from a wide range of threats is critical for business success. These threats include web app business logic attacks, API abuse, and even sophisticated bot attacks.

Securing digital properties amid cloud journeys, modern DevOps practices, and constantly changing applications and APIs also introduces new complexities and challenges.

The next generation of cloud security must tailor its defenses against the latest threats, while dynamically mitigating any vulnerabilities from legacy frameworks and technologies.

In this webinar, we will discuss how Akamai’s App and API Protector:
• Automatically adapts to evolving attacks, including application DDoS attacks
• Protects against OWASP top 10 threats
• Provides unparalleled bot visibility and mitigation strategies
• Supports simplicity in onboarding and maintenance through automated updates, self-tuning, and Akamai’s advanced API capabilities
• Empowers both developers and security teams with deep attack visibility

In our previous session, we discussed how Akamai’s App and API protector streamlines the protection of your web applications and API in a dynamic and automated fashion.

In this workshop, we will take a closer look at how to gain visibility into which parts of your application you can protect, and how these controls are implemented.

Join us for a hands-on look at a streamlined approach toward integration and configuration workflows. We’ll also look at the power of Akamai’s security analytics and dashboards to help you investigate, mitigate and triage attacks.

We’ll walk you through how to:
• Discover and gain true visibility of API endpoints, to reduce your API attack surface
• Leverage Akamai’s automated self-tuning capabilities, or configure advanced controls for greater flexibility
• Manage security controls with a simple and intuitive GUI, or automate the process with Akamai’s Terraform provider, APIs, or the Akamai CLI
• Detect and mitigate malicious activity or unwanted bot traffic in real time

The year 2023 began with a thunderous display of cyber warfare as threat actors took center stage. In addition to the usual gang of cybercriminals, hackers and script kiddies, a very powerful category of malicious actors dominated cybersecurity headlines: State-sponsored actors and hacktivist groups, such as Killnet or the newly emerged Anonymous Sudan, unleashed chaos upon sectors such as banking, airports, healthcare, state institutions and universities.

In this current mix of threat vectors, DDoS attacks turned out to play a major role again. Sometimes serving as a smokescreen for more sophisticated attacks, such as data theft, sometimes as a blackmail instrument in a triple extortion attempt, or used as the main attack method to bring down poorly protected Internet properties that are part of critical infrastructure. Seven out of the 10 largest DDoS attacks Akamai has mitigated took place in the last 24 months, and the trend is pointing upwards. And attacks have not just gotten bigger, but also more sophisticated and targeted. Businesses can no longer assume that their DDoS defense is bulletproof.

Akamai provides one of the most widely used DDoS protection solutions in the world, seeing and analyzing more attack traffic than any other company. In this webinar, you will learn:

• What you need to know about latest DDoS trends
• What questions to ask to check if your own security posture is still sufficient
• What steps Akamai took to keep Prolexic, its DDoS protection platform, ahead of threat actors
• Why a new, universal Network Cloud Firewall was added to Prolexic – how it improves DDoS protection, and what it can do beyond DDoS
• What advantages our new local DDoS data centers offer to Indian businesses

APIs have been essential components of digital transformation and innovation - from the move to the cloud to enhancing customer experiences. OpenAPIs, and adoption of microservices have all contributed to the rapid growth of APIs as well as the explosion of the API attack surface. This API blindspot is becoming the biggest security problem for today’s businesses.

In this webinar, you will

-Learn the evolution of the application architecture in a digitally transformed world.
-Understand OWASP Top 10 API Security Risks 2023, and API security best practices.
-Explore mitigation strategies with Akamai API security.
-Akamai API Security Demo.

Between hidden Magecart web skimming campaigns, API authentication vulnerabilities, and the continuous assault by malicious bots, 2023 kept cybersecurity professionals busy.

Researchers from Akamai’s Security Intelligence Group (SIG) and executives from our Security Operations Command Centers (SOCCs) look back on some of the most important developments in cybersecurity of 2023 and weigh in on their top observations.

Join us to learn:

• Regional attack trends, including Asia Pacific & Japan
• Front-line observations from Akamai’s Security Research and Operations Command
• Looking ahead to 2024’s threat landscape

Don't miss out on our upcoming LIVE API security workshops. Register now!

• Mastering API Security- https://www.brighttalk.com/webcast/17473/602219
• API Security Exposed: APAC's Guide to Advanced Defense - https://www.brighttalk.com/webcast/17473/602221

APIs are the backbone of modern software development and data exchange today. As APIs become increasingly vital, so does the need to secure them effectively.

Join this live APAC tech workshop session to equip yourself with the knowledge and tools needed to ensure the discovery and integrity of your APIs.

Learn how API Security:
-Is a critical component for organizations looking for protection from business logic threats and attacks
-Provides enterprise-wide discovery and threat detection
-Provides data rich insights to enable strong and customized responses
-Is easy to deploy, reducing time to value, and resources and time to deploy
-Integrates with your day to day work processes and systems

Watch a live demo of data scraping and user account takeover attacks and listen to real stories from the forefront of API attacks seen in the wild in our next session .Register today.-https://www.brighttalk.com/webcast/17473/602221

Dive into the crucial realm of API security with our second live episode, tailored for APAC and global tech professionals.

We'll uncover hidden vulnerabilities in sophisticated APIs and provide a comprehensive view of the risks and defense mechanisms. This episode is not just an exploration but a practical guide to mastering API security in the digital age.

Join us for a live session for:
-Demo deep dive on Akamai API Security
-Proof-of-concept (POC) insights
-Customer Case studies
-Threat Hunting tactics
-Strategies for enhanced API Protection

For details on the first session of this API security series -https://www.brighttalk.com/webcast/17473/602219