Keeping Up with Biden Administration Cybersecurity Mandates
With Wednesday’s sweeping cybersecurity mandates issued by the Biden administration, patching Common Vulnerabilities and Exposures (CVEs) is top of mind, for federal and private-sector companies alike, to help prevent damaging intrusions. Intensifying the pressure, the latest round of mandates requires federal agencies to address high-risk vulnerabilities discovered in 2021 within two weeks. However, for the vast majority of organizations and their security teams, quickly addressing every critical vulnerability at the software or infrastructure level is not feasible. Instead, many enterprise defenders look to virtual patching via solutions like WAF policy updates and rule changes as a quick fix to help reduce immediate risk while longer-term software updates are issued.
Akamai can help customers with a web application and API protection (WAAP) solution to close defensive gaps for the web application CVEs on the list distributed by CISA, which are known to be actively exploited. Recently, the Akamai Threat Research team wrote about several CVEs on the list (i.e., the Apache CVE-2021-41773, Confluence server CVE-2021-26084, and Kaseya CVE-2021-30116) and described defensive recommendations to help keep customers’ web-facing assets protected. While Akamai does provide protection in these cases, attack variants are often found in the days and weeks after a critical CVE is announced. The Akamai Threat Research team continues to monitor for such attack variants and provide rule updates as needed, but it is our recommendation that vulnerable systems be patched as soon as feasible in accordance with the announced directive.
Akamai’s commitment to threat research and intelligence is demonstrated by an investment in 330+ in-house researchers who augment application and API security technologies with expert analysis. Combined with internet visibility into malicious traffic across more than 1.3B client interactions daily, we have unique insight into the latest attacker tactics, techniques, and procedures (TTPs) and can rapidly create protections to block zero-day exploits against our customers. This threat intelligence is integrated into our solutions and with our WAF technologies in particular, via a new threat scoring model that enables adaptive threat detections. Akamai’s approach is highly effective in identifying and then blocking highly targeted, evasive, and stealthy attackers.
While virtual patching can provide short-term protection against active exploits (a sigh of relief for defenders), many WAF technologies are often associated with being too complex, difficult to tune, prone to excessive false positives, and a drain on scarce security and operational resources. That’s why it’s Akamai’s mission to design application and API security that provides high-quality security outcomes combined with a low- to no-touch operational experience to protect entire web application and API estates — at scale. Our approach is validated by Akamai’s market-leading web application and API position and attested to by customers we successfully serve.
We will continue to keep customers updated on the latest CVEs and make recommendations backed by Akamai threat research to help strengthen security postures against both known vulnerabilities and zero-day attacks.