Akamai App & API Protector

Protect entire web and API domains with our powerful security solution, designed with customer-centric automation and simplicity in mind.

Today, protecting apps and APIs against a wide range of threats is crucial for business success. Securing digital properties brings new complexities and challenges, especially in a dynamic environment of cloud journeys, modern DevOps practices, and constantly evolving applications and APIs.

By implementing a holistic web application and API protection (WAAP) solution, you can strengthen your information security strategy. This solution provides insight into emerging risks to address security gaps and effectively stop web- and API-based attacks. Akamai App & API Protector is designed to protect entire web and API estates with a holistic set of powerful protections purpose-built with customer-focused automation and simplicity. This simplicity belies some of the most advanced security automation available today. Powered by a new adaptive security engine, App & API Protector brings together many leading core web application firewall, bot mitigation, API protection and DDoS protection technologies into a single solution that is truly user-friendly.

One Product, Broad Protections

Protect all your websites, applications, and APIs from a broad range of threats, including volumetric DDoS, automated botnets, and injection and API-based attacks, among others, with a single WAAP solution.

Frictionless Maintenance

Maintain strong security with automatic updates and alleviate alert fatigue with automatic self-tuning to help security teams focus on investigating real attacks and not chasing false alerts.

Do More With Less

Maximize your security investment with a solution that includes web application and API protections, bot visibility and mitigation, DDoS protection, SIEM connectors, web optimization, edge compute, API acceleration, and more.

Reduce your API Attack Surface

APIs have become a dominant mechanism in the modern web, enabling powerful web experiences, but they can also expose back-end data and logic. Automatically discover and protect your APIs from vulnerabilities, including the OWASP API Security Top 10.

Page Integrity Manager

Protect websites from JavaScript threats — such as web skimming, formjacking, and Magecart attacks — by identifying vulnerable resources, detecting suspicious behavior, and blocking malicious activity.


Managed Security Services

Offload or augment your security management, monitoring, and threat mitigation to Akamai security experts.

Adaptive Security That Self-Tunes

New multidimensional, adaptive threat-based detections correlate threat information from the Akamai platform with data/metadata from each web and API request. This approach allows us to detect up to two times more attacks than with our previous detection technology. Moreover, we have achieved a reduction in false positives of up to 5x. Advanced decision logic tailored to your traffic stops both common and highly targeted attacks with incredible precision. But no WAAP is 100% accurate, so App & API Protector features self-tuning capabilities designed to reduce operational friction and administrative overhead. All security triggers, both real attacks and false positives, are automatically analyzed with advanced machine learning (ML) to produce policy-specific tuning recommendations that can be accepted with just a few clicks.

Maximum Protection and Performance

Advanced API Capabilities

Automatically discover a full range of known, unknown and changing APIs in your web traffic, including their endpoints, definitions and traffic profiles. Visibility into APIs helps protect against hidden attacks, find errors and reveal unexpected changes. Moreover, you can easily register newly discovered APIs with a few clicks. Best of all: all API requests are automatically inspected for malicious code whether you register them or not, providing strong API security by default. With the advanced security management option, registered APIs can benefit from additional forms of security, such as enforcing API specifications at the edge.

Bot Visibility & Mitigation

Monitor and mitigate bot attacks with integrated bot capabilities designed to detect and stop unwanted bots. Get real-time insight into your bot traffic with access to Akamai’s extensive directory of more than 1,500 known bots. Investigate skewed web analytics, prevent origin overload and create your own bot definitions to enable unhindered access to third-party and partner bots. As needs grow, you can easily upgrade to a complete bot management or account takeover solution in just a few steps.

DevOps Integration

Akamai APIs are available wrapped in an Akamai CLI package or through Terraform. This allows you to manage App & API Protector via code. Every action available in the user interface can be accessed via programmable APIs. Enable fast onboarding, create unified security policy management, centralize enforcement across cloud infrastructures and improve collaboration between DevOps and security teams in a GitOps workflow. This ensures that security always keeps pace with today’s rapid development. Security information and event management (SIEM) APIs are also available, and pre-built connectors to Splunk, QRadar, ArcSight and more are automatically included with App & API Protector.

Capabilities

With App & API Protector, you can seamlessly scale to meet changing traffic demand. It distributes CPU and memory resources based on need and caches content at the edge, ensuring continuous protection without interruption. Because protection should never hamper performance or development speed, free-tier entitlements for image and video optimization, API acceleration and edge computing are also included.

Automatic Updates

Akamai threat researchers analyze more than 300 TB of daily attack data using ML to identify new attack vectors or permutations of existing ones. The security research team then automatically updates the adaptive security engine with the latest protections for the strongest possible security outcomes. Akamai-managed updates mean less administrative overhead and operational friction.

DoS/DDoS Protection

Network-layer DDoS attacks are instantly dropped at the edge. Application-layer attacks, including those designed to exhaust resources, those that exploit vulnerabilities to impact availability, and those that target application logic, are mitigated within seconds. Akamai DDoS Fee Protection provides credit for any overage fees incurred due to a DDoS attack.

Network Lists

Block or allow traffic coming from a specific IP, subnet, or geographic area. This allows you to block malicious requests from specific IP addresses or from specific traffic, for instance traffic from The Onion Router (Tor), which threat actors often use to hide their identity.

Simplified Onboarding

App & API Protector provides an easy-to-use wizard to onboard properties, with integration and configuration workflows designed to streamline and simplify the onboarding process.

Dashboards, Alerting and Reporting Tools

Access detailed attack telemetry and analysis of security events, create real-time email alerts using static filters and thresholds, and leverage web security reporting tools that continually monitor and assess the effectiveness of your protections.

Custom Rules

Generate up to 100 custom rules using an easy-to-use rule builder to create and manage unique scenarios not covered by standard protections. For example, use custom rules to quickly patch unique application and API vulnerabilities (virtual patching).

Hostname Evaluation

Safely add hostnames to an existing security configuration by first evaluating the potential impact, without taking protections offline. Existing protection settings, adjustments to rate controls, exceptions, and custom rules are automatically mirrored for the evaluation.

Response Actions

Create and serve a wide range of response actions, including fully customized responses. You can send custom error messages, deliver brand pages with your own logo, or define and serve HTML-, XML-, or JSON-based responses, depending on your needs.

Site Shield

Provides a layer of protection that helps prevent attackers from bypassing cloud-based protections and targeting your origin infrastructure.

More protection. Better outcomes. Less friction.

Tailor defenses to the latest applications and threats

Dynamically adapt protections to evolving attacks — including those targeting the OWASP Top 10.

Simplify security with automated updates and self-tuning

Minimize effort with Akamai-managed updates and machine learning–powered self-tuning.

Empower developers and security teams

Operationalize security with a choice of popular tools and deploy within a CI/CD pipeline.