Name: Lessons Learned from Securing Web Apps and APIs at Internet Scale
Start: 2022-08-19T18:00:00Z
End: 2022-08-19T18:00:25.000Z
Location: BrightTALK
Rating: 0

Leading companies worldwide choose Akamai to build, deliver, and secure their digital experiences — helping billions of people live, work, and play every day. Akamai Connected Cloud, a massively distributed edge and cloud platform, puts apps and experiences closer to users and keeps threats farther away. Learn more about Akamai’s cloud computing, security, and content delivery solutions.

In this "If Your APIs Could Talk" episode, we'll explore the Traffic Audit feature of the Akamai API Security solution. We'll introduce participants to Traffic Audit's powerful capabilities, including recording, visualizing, and analyzing API traffic within their environment. Traffic Audit allows users to easily identify and manage the risk exposure of suspicious users and unusual API behaviors by recording data flows and creating custom audits based on specific criteria. With Traffic Audit, users gain valuable insights into API activity, such as forensic analysis for specific attacks, investigation of suspicious user behavior, and troubleshooting API configurations.

The webinar will provide a comprehensive overview of how Traffic Audit works, including how to create audits that capture and retain traffic according to predetermined filters and rules. Don't miss this opportunity to learn about the innovative capabilities of Traffic Audit and how it can enhance your API security.

Ep. 11 - Deep Dive into API Security Traffic Audit Capability

The cloud infrastructure of today cannot meet the requirements of tomorrow's applications.

New applications using AI and mixed reality require new approaches to provide more responsive applications and to protect privacy. Existing applications are becoming more personalized and customized. Customer experience needs to be seamless and reactive in the moments that matter.

Join us as we discuss how we're building a globally distributed cloud to meet the needs of your customers, partners, and your organization.

The Disruption of Cloud Computing in the Era of AI

Is your healthcare organization's digital transformation creating security blind spots? Join us for a fireside chat about the hidden risks of modernization where we'll explore threat trends and real-world case studies of how API vulnerabilities and DDoS attacks are impacting healthcare organizations today. Moderated by H-ISAC, security experts from Untangle Health and Akamai will share threat intelligence and best practices. You'll walk away with actionable insights and strategies to protect your systems without slowing down innovation.

Healthcare State of the Industry: Preventing Critical Cyber Threats

Join Akamai's financial services team as they delve into the growing challenges of DDoS and domain scraping leading to phishing attacks targeting the financial sector. Leveraging Akamai’s latest research, we'll unpack the significant rise in DDoS attacks, exacerbated by virtual machine botnets and geopolitical tensions, as well as the increasing threats of brand abuse and phishing campaigns.

The webinar will offer valuable insights into the evolving threat landscape, the vulnerabilities introduced by APIs, and proven strategies for deploying mitigation strategies like Zero Trust and microsegmentation. Join us to strengthen your defenses and gain insights on how to best safeguard your financial institution.

Navigating The Rising Tide: Attack Trends in Financial Services

In this episode of "If Your APIs Could Talk," we explore the Workflow Automation feature of Akamai API Security. This feature dramatically improves efficiency and productivity by simplifying the creation of multi-action workflows. It uses a user-friendly visual editor, customizable workflow samples, and over 300 pre-built connectors. In this session, you'll learn how to automate complex event response processes and synchronize incident-related data with third-party services like ServiceNow, JIRA, and Azure DevOps. We'll also provide examples of common workflow use cases, including: 

- Incident creation in ITSM solutions 
- Notifications to security and business teams 
- Data customization 
- Bi-directional sync with ticketing systems 
- Preventive workflows to block suspicious traffic 

Whether you're an existing user or considering Akamai API Security, this episode will provide valuable insights into using Workflow Automation to streamline your security operations.

Ep. 10 – Workflow Automation Deep Dive

As digital experiences evolve, the demand for faster, more efficient web performance has never been greater. Listen to this webinar for a technical deep dive that reveals how you can benefit from the latest performance optimisations in the browser, at the edge, and in the cloud. 

In a data driven story, we highlight modern techniques allowing for instant UX covering: 
- Distributed compute
- 103 early hints
- Speculation rules
- Volatile content acceleration
- 0-RTT

Presenters:
- Tim Vereecke, Performance Specialist, Akamai 
- Robin Marx, Performance Specialist, Akamai

From Lightning Fast to Instant: Five Modern Ways to Beat Latency

In this "If Your APIs Could Talk" episode, we'll explore the Akamai API Security Native Connector feature. This new integration, built directly into our API Security solution, enables companies to send a copy of their Akamai Connected Cloud traffic to our API Security solution for analysis with just a few clicks. Enabling this integration provides complete visibility into your APIs across environments managed by Akamai, allowing for the detection of vulnerabilities and the ability to rapidly act on runtime incidents. The session will include a demonstration of the connector's seamless deployment, a technical explanation of how it works, and a spotlight on its operational benefits.

Ep. 9 - Akamai API Security Native Connector Deep Dive

Data is being generated at unprecedented rates and from diverse sources, making effective backup solutions critical to maintaining data integrity and availability. The systems producing all that data are substantially different from the ones that traditional backup and recovery solutions were designed to protect. The high volume of data is coming from the cloud and from the edge, necessitating new architectures for protecting, backing up, and recovering the data.

Attend this webinar to learn about the new generation of backup solutions designed with cloud, cloud-native, and edge cases in mind.

From Edge to Cloud: How Backup Solutions are Evolving

We have all heard this story before - a critical vulnerability is discovered in a VPN server. It's exploited in the wild. Administrators rush to patch. Panic spreads across Twitter. 

Attackers have long sought to exploit VPN servers - they are accessible from the internet, expose a rich attack surface, and often lack in security and monitoring. Historically, VPNs were primarily abused to achieve a single objective: gaining entry into internal victim networks. While this is evidently very valuable, control over a VPN server shouldn't solely be seen as a gateway to the network, and can certainly be abused in various other ways.

In this talk, we will explore VPN post-exploitation - a new approach that consists of different techniques attackers can employ on the compromised VPN server to further progress their intrusion. To demonstrate this concept, we will inspect two of the most common VPN servers on the market - Ivanti Connect Secure and Fortigate, and show how an attacker with control over them can collect user credentials, move laterally, and maintain persistent access to the network.

We will conclude by detailing best practices and principles that should be followed by security teams when using VPN servers to reduce the risk from post-exploitation techniques.

During the session, you will:
- Explore critical vulnerabilities and real-world exploits on popular VPN platforms.
- Discover post-exploitation tactics for credential collection, lateral movement, and persistent access.
- Learn best practices to enhance VPN security and reduce advanced threat risks.

Tunnel Vision: Exploring VPN Post-Exploitation Techniques

Did you know increasing observability could be your secret to success this holiday season? When performance and security matter most, being able to quickly identify and pinpoint issues means getting back on track - and back to driving revenue.

Join us for a fireside chat where we’ll dive into how observability can help optimize performance, enhance security, and improve user experience during critical high-traffic periods. It’s not too late to leverage tools that help ensure your infrastructure is resilient — and ready to handle peak demands — in a more cost effective way.

Key Takeaways:

Proactive Performance Optimization: Discover how to reduce site load times and prevent downtime during peak periods, keeping users engaged and satisfied.
Enhanced Security Measures: Learn how to protect your business from increased cyber threats during high-traffic events, with real-world examples of successful mitigations.
Data-Driven Decision Making: See how unified traffic views can streamline operations, reduce costs, and enable quicker, more informed decisions.
Success Stories: Hear about companies like global airlines and luxury brands that overcame peak-season challenges with TrafficPeak, ensuring smooth and secure user experiences.

3 Ways Observability Can Help You Prepare for Peak -- And Beyond

Viewership is unpredictable. Capacity planning and cost estimates are hard. Workloads are increasingly complex and optimizing performance in a multicloud environment is never-ending.
 
For streaming services, that translates into a cost-effective, reliable, and trusted platform on which developers can build, deploy, and secure applications and workloads everywhere your viewers connect online, no matter which device they use to stream. The end result is low latency, increased speed to market, and better performance of your applications. Learn how Akamai’s cloud computing services come with low-cost, predictable pricing and award-winning developer support.
 
The partnership with Ateme brings benefits to Akamai customers in the form of end-to-end superior quality video-delivery solutions — enabling more choices and allowing easy adoption and deployment in your digital transformation journey.
 
In this webinar, media owners will learn about ways to boost viewership and subscriber engagement while unifying delivery and enhancing quality.
 
 • Cost optimisation
 • Low latency
 • Ease of adoption
 • Flexible deployment

Discover how Akamai and Ateme lower the barrier to entry to cloud computing in the media and entertainment industry

As web applications and APIs have proliferated, they’ve become an attractive target. Akamai’s latest report reveals an increase of 49% in web attacks from Q1 2023 to Q1 2024. The report also provides detailed analyses of trends by industry and region, and a look at DDoS attacks with a DNS component. Access the report for the insights you need to effectively prioritize your security strategy and spending.

Digital Fortresses Under Siege: Threats to Modern Application Architectures

In this session, we'll discuss the latest PCI DSS 4.0 requirements for script protection so brands can better identify, monitor and manage suspicious and malicious script behavior.

Akamai Client Side Protection & Compliance

Demonstrating compliance with data protection regulations has traditionally required significant effort and resources to mitigate mostly familiar risks. However, the digital landscape is evolving rapidly, introducing threats that many enterprise compliance programs don't fully address. Even regulatory bodies themselves can't always keep pace and provide explicit guidelines covering every aspect necessary to prevent breaches.

This is the case with API protection. Every time a customer, partner, or vendor engages with your business digitally, there's an API behind the scenes facilitating a rapid exchange of information that often includes sensitive data. Understanding and mitigating API threats is essential as APIs become increasingly integral to our technological infrastructure. This webinar will equip you with an understanding of API risks, effective strategies to safeguard your systems, and the direct implications of APIs on your compliance initiatives.

This webinar is ideal for IT professionals, security analysts, compliance officers, and anyone involved in API development and management who is looking to enhance their understanding of API security and compliance.

API Security and Compliance: Requirements for Data Protection

Viewership is unpredictable. Capacity planning and cost estimates are hard. Workloads are increasingly complex and optimizing performance in a multicloud environment is never-ending.
 
For streaming services, that translates into a cost-effective, reliable, and trusted platform on which developers can build, deploy, and secure applications and workloads everywhere your viewers connect online, no matter which device they use to stream. The end result is low latency, increased speed to market, and better performance of your applications. Learn how Akamai’s cloud computing services come with low-cost, predictable pricing and award-winning developer support.
 
The partnership with Ateme brings benefits to Akamai customers in the form of end-to-end superior quality video-delivery solutions — enabling more choices and allowing easy adoption and deployment in your digital transformation journey.
 
In this webinar, media owners will learn about ways to boost viewership and subscriber engagement while unifying delivery and enhancing quality.
 
 • Cost optimization
 • Low latency
 • Ease of adoption
 • Flexible deployment

Discover how Akamai and Ateme lower the barrier to entry to cloud computing in the Media and Entertainment industry

As the use of payment card data has evolved and become more widespread, the methods and techniques that attackers use to access, harvest, and sell that data have evolved in concert. The Payment Card Industry Data Security Standard, or PCI DSS, has adapted in turn, forcing companies to update their policies and their software. The latest standards, PCI DSS 4.0 and 4.0.1, include several new security requirements and updated guidance to address current threats and technologies. In this on-demand video webinar, sponsored by Akamai, you’ll learn the importance of:

Streamlining workflows for security and compliance teams
Reducing the auditing burden with purpose-built and dedicated PCI capabilities
Receiving and logging actionable PCI alerts for events related to compliance
Consolidating vendors to meet PCI requirements with Akamai’s comprehensive portfolio of security solutions.

Accelerate Your Compliance with the Latest PCI DSS Standards

APIs power the modern world. They are the fundamental building blocks of every application, enabling seamless communication and data sharing across the digital landscape. However, this very reliance on APIs makes them increasingly the target of attacks, with cybercriminals actively seeking to exploit vulnerabilities, gain unauthorized access, and extract sensitive data.
Join us to discuss why API security is not just an add-on but a critical component for businesses looking to innovate and scale. This webinar will highlight the growing threats to APIs and why securing them is vital for the future of any organization. We'll also examine how our newly acquired API Security solution enhances our Application Security portfolio to protect your business from evolving threats and support your growth ambitions.

Future-Proofing your Business: Why API Security is Essential for Growth and Innovation

Securing cloud environments is a critical aspect of modern enterprise operations. This event is designed for IT professionals and managers focused on protecting their organization's cloud infrastructure.

Attendees will explore the latest strategies and technologies for cloud security, including identity and access management, data encryption, threat detection, and data security posture management. Experts from leading cloud security companies will provide practical insights into implementing robust security frameworks, ensuring compliance with industry standards, and effectively responding to security incidents with the latest tools.

Get the knowledge you need to secure your cloud environment and maintain the integrity of your data.

The Cloud-Powered Enterprise: Securing Your Cloud

Defeating Ransomware: Security Controls That May Surprise You

The Year of Zero Days – Defending Against the Million Dollar Threat

Life's a Breach: Understand Threat Intelligence, Cyber Maturity and Resiliency

Fireside Chat with Invicti and Clarify360 on Application Security

The Post-Pandemic Threat Landscape

True Tales from AppSec Customers

Without Correlation, Your AppSec Testing Approach Needs an Update

How to Build a Blueprint for Secure Software

Why Can't We Make Secure Software?

Eliminate Ransomware Risks With the Right Backup Strategy

Update Your Application Security Strategy

Social Engineering and Security Awareness

Build Resistance to Attacks by Unlocking the Value of Ethical Hackers

Building a Robust Enterprise Security Program

Your Security Metrics Are Lying (And What To Do About It)

A Road Less Traveled: Learning the Value of SME Enterprise Security Management

Limiting the Impact of Future Ransomware Threats

Leverage Network Data To Minimize Your Cybersecurity Risk

The steps to sensible auto-remediation

It's Time to Modernize Threat Detection

Understand Threat Detection and Response Solutions and Services

The Evolution of Prevention-First Cybersecurity

Outwit Attackers with a Proactive Cybersecurity Plan

Combating Cyber Threats & Breach Prevention 2022

Application Security for Billions: Lessons Learned from Securing Web Apps and APIs at Internet Scale

Whenever you hear people talking about web and application security, you’ll often learn about the latest way to make sure you’re not ingesting user supplied input the wrong way, or how to write secure code to prevent cross site scripting, etc. 

But, have you ever wondered what it’s like to secure business critical websites, and the ever-evolving growth of API’s and bespoke applications that are developed every day across thousands of websites in dozens of countries around the world?

In this webinar, Tony Lauro, Akamai’s Security Technology and Strategy Director, will cover:
- What defenders are doing at scale to defend the evolving threats targeting websites 
- Methods for cutting out the noise of benign, but annoying vulnerability verification requests
- Best practices for managing large scale security configurations
- Some of the ways that defenders are winning against these unimaginable odds, as well as how attackers are targeting these very same applications hoping to bypass security by obscuring their attack techniques

Lessons Learned from Securing Web Apps and APIs at Internet Scale

Application Security

Security

IT Security

Application Monitoring

Cyber Attacks

API Management

APIs

Cyber Security

Security Awareness

Web Application Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Lessons Learned from Securing Web Apps and APIs at Internet Scale

Presented by

About this talk

More from this channel