Simplify Security and Enhance WAAP with Detection and Control in the AI Era

As the rise of generative artificial intelligence transforms business operations, the velocity of security threats is increasing. Organizations across the globe are realizing that the promise of AI also brings new security challenges — challenges that security teams must be ready to confront. 

The future of security is not only about simplifying operations, but also about ensuring that the simplicity does not come at the cost of weakened defense or reduced control over a company's digital estate. As we move toward 2025, security leaders are seeking solutions that offer streamlined operations without sacrificing the depth of detection and response capabilities.

AI is making its mark in organizations worldwide, and it is introducing new vectors of vulnerability. The rapid maturation of AI means that adversaries are evolving their attack strategies just as quickly, using sophisticated methods to target application and API infrastructures. In response, security teams must be proactive in addressing both current and emerging threats.

One of the critical areas of concern is Layer 7 distributed denial-of-service (DDoS) attacks. Recent trends, such as those highlighted in Akamai’s State of the Internet (SOTI) report show a rise in sophisticated Layer 7 DDoS attacks that bypass traditional defenses and overwhelm resources. Security teams now need solutions that offer both automated detection and mitigation, while minimizing the burden of frequent manual interventions.

Akamai now boasts two significant technologies at the core of its web application and API protection (WAAP) solution: the Adaptive Security Engine and the new Behavioral DDoS Engine. While the Adaptive Security Engine excels at defending against the Open Worldwide Application Security Project (OWASP) threats, Common Vulnerabilities and Exposures (CVEs), and zero-day vulnerabilities, the Behavioral DDoS Engine offers a powerful new layer of protection specifically against Layer 7 DDoS attacks. Akamai customers can access this new technology during its beta release in October 2024.

With the use of machine learning, the Behavioral DDoS Engine automatically sets traffic baselines based on advanced behavioral analysis of your traffic, and adaptively fine-tunes sensitivity levels to drive accuracy while minimizing any false positives. This sophisticated anomaly detection system evaluates multiple dimensions of traffic — including Transport Layer Security (TLS) fingerprints, geographic data, and network identifiers — to distinguish between legitimate traffic and potential threats. The engine’s automated, behavioral nature provides seamless DDoS protection, enabling security teams to focus on higher-level strategies without the need for constant intervention and tuning.

We have already started rolling out platform-wide changes to support the Behavioral DDoS Engine. Starting in November 2024, this new capability will be made available to a selected set of customers while the broader customer community will get this benefit in 2025.

Additionally, security operations are further simplified for OWASP threat protection and beyond in the Adaptive Security Engine. Launched in 2021, the Akamai Adaptive Security Engine has made significant strides in automation, reducing false positives by 4x while continuously improving security efficacy. This ensures that the system is always in tune with the changing threat landscape, and provides peace of mind to security teams since no manual tuning is required​​.

While automation and simplicity are essential, security teams must retain authority over their defenses. App & API Protector has expanded its granular controls for Layer 7 DDoS defense, improving the detection of advanced attack techniques (such as rotating IP addresses) with a feature called Aggregated mode. This expanded control allows security teams to maintain a finely tuned response to threats without sacrificing visibility or control over their traffic.

Moreover, the solution's Rapid Rules functionality ensures that zero-day vulnerabilities and emerging CVEs are even more swiftly addressed. In high-profile cases, such as the Log4j or Struts vulnerabilities, Akamai’s WAAP customers benefit from automatic protections that are applied based on the threat intelligence gathered from the Akamai platform. 

Security teams can also choose to have Akamai automatically manage actions like alerting or blocking, ensuring that no time is lost in responding to critical events​​.

As organizations face increasingly complex threats to their applications and APIs, security teams are being asked to review and analyze increasingly vast amounts of data. Manually filtering through layers of information can be time-consuming and inefficient, making it harder to identify and respond to risks quickly.

Akamai’s Web Security Analytics, the data hub within App & API Protector and many Akamai application security solutions, provides a unified platform for analyzing, assessing, and managing security data through customizable dashboards. However, as the volume and complexity of the data grows, users face new challenges. 

To address these challenges, Akamai introduces the AI Assistant for Web Security Analytics, which allows users to instantly filter and query security insights across various data attributes — such as attack types, regions, and threat scores — via an intuitive chat-based AI-powered interface. By automating security data analysis, the AI Assistant simplifies navigation, reduces manual effort, and empowers users at all expertise levels to quickly access relevant insights, streamline data exploration, and enhance investigation efficiency.