Akamai Cloud Security Summit_London_June 2018

Transcript

1. London 20 June, 2018

2. Opening Remarks / Welcome Ash Kulkarni, Sr. VP and GM,

   Web Security and Performance, Akamai Technologies

3. © 2 0 1 8 A K A M A

   I | F A S T E R F O R W A R D TM The digital economy is transforming faster than ever, creating a world where everything is connected. THIS CALLS FOR A COMPLETE RETHINK OF HOW YOU ENGAGE YOUR CUSTOMERS

4. © 2 0 1 8 A K A M A

   I | F A S T E R F O R W A R D TM • 100 percent uptime SLA • Resilient, predictable performance • Intelligent routing and acceleration • Layered, cloud-based security • Experience integrity AKAMAI’S CLOUD DELIVERY PLATFORM How to deliver on such enormous expectations

5. © 2 0 1 8 A K A M A

   I | F A S T E R F O R W A R D TM MEDIA DELIVERY High bitrate streaming, adaptive media delivery, and fast downloads for flawless multi- channel digital experiences at scale. CLOUD SECURITY Layered protection against advanced threats, DDoS, malware, phishing, and data exfiltration, with bot management. EXPERTISE 1,900+ experts ready to support you with strategic expertise, 24/7 proactive monitoring and responsive troubleshooting. WEB PERFORMANCE Adaptive acceleration, powerful policies, and extensibility to create dynamic, engaging digital applications. THE AKAMAI INTELLIGENT PLATFORM

6. © 2 0 1 8 A K A M A

   I | F A S T E R F O R W A R D TM Zero Trust App #1 App #2 App #3 There is no inside... App #2 App #1 App #3 Inside = trusted SECURE ACCESS IN A ZERO TRUST ERA Why cloud and mobile require transformation

7. © 2 0 1 8 A K A M A

   I | F A S T E R F O R W A R D TM Harness the power of the cloud without losing control CLOUD SECURITY Adaptive threat protection that doesn’t compromise security, sacrifice performance, or risk eroding customer trust.

8. © 2 0 1 8 A K A M A

   I | F A S T E R F O R W A R D TM Fast DNS >20 clouds for perf & scale, drops attack traffic at the edge Kona >Application & API protections with auto-mitigation + management Prolexic /24 protection with managed SOCs Mirai 620 Gbps botnet attack in September 2016 Memcached 1.3 Tbps DDoS attack in February 2018 WireX >127,000 participating IP Addresses ADAPTIVE THREAT PROTECTION Through layered security solutions

9. © 2 0 1 8 A K A M A

   I | F A S T E R F O R W A R D TM Prolexic Site Shield Partner with experience – Stopping the largest attacks since 1998 – Continued innovation to stay ahead of customer needs – Leveraging product, intelligence, and people 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 Bot Manager Enterprise Application Access 620 G bps DDoS 80 G bps DDoS 320 G bps DDoS Enterprise Threat Protector Bot Manager Premier First cloud WAF Managed WAF Client Reputation Kona Site Defender CSI KRS Akamai founded 1.3 Tbps DDoS LEADER IN SECURITY INNOVATION Protection from growing online threats

10. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM CLOUD SECURITY SOLUTIONS Adaptive threat protection as a service Bot Management Application Security DDoS Mitigation API Management Enterprise Access Web App Protector Automated, blanket protection for web applications Kona Site Defender Customizable, advanced app and API protection, managed option Fast DNS Scalable authoritative DNS service with DDoS protection Prolexic Routed Managed protection against the largest DDoS attacks Bot Manager Std Manage automated visitor traffic to protect revenue Bot Manager Premier Machine learning to protect against credential abuse & account takeover API Gateway Manage access, authentication and rate controls for APIs Client Reputation Machine learning service to adaptively manage traffic Enterprise Access Simple, unified & secure enterprise application access Ent Threat Protector Malware protection using recursive DNS & Cloud Security Intelligence

11. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM WHAT DO YOU WANT TO PROTECT? Security starts with your business Your customers Securing PII, account balances, and transaction details, and more to preserve customer trust DNS services Ensure your DNS stays available, trustworthy, and fast, so users can find you Web applications Stop large and sophisticated denial of service attacks, web application attacks, and bot attacks Your employees Stop damaging breaches perpetrated through malware, ransomware, and phishing attacks APIs Extend application security to API endpoints that expand your attack surface in new ways Enterprise applications and data Provide secure access to enterprise applications while protecting against advanced threats Data centers Protect IT assets within your data centers from denial of service attacks and malware

12. Changing Threat Landscape, Including a 1.3 Tbps Record-Setting DDoS Attack

    Jay Coley, Senior Director, Security Planning and Strategy, Akamai Technologies

13. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM Platform stats: • 240,000+ Servers • 2,800+ Locations • 1,600+ Networks • 130+ Countries • Within 1 hop of 95% of Internet end-users • To intelligently protect you online investments • + 7 Global Scrubbings Centers • Five SOC Locations 7x24x365 Built to deliver a fast, reliable & secure online experience: • To end-users around the world Intelligent Platform + Routed Platform

14. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM

15. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM 130 185 111 179 240 119 321 158 171 249 149 309 289 363 623 517 120 78 109 56 130 185 111 179 240 119 321 158 171 249 149 309 289 363 623 517 120 78 109 56 1,252 © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM 2013 Q 1 2013 Q 2 2013 Q 3 2013 Q 4 2014 Q 1 2014 Q 2 2014 Q 3 2014 Q 4 2015 Q 1 2015 Q 2 2015 Q 3 2015 Q 4 2016 Q 1 2016 Q 2 2016 Q 3 2016 Q 4 2017 Q 1 2017 Q 2 2017 Q 3 2017 Q 4 2018 Q 1 DOUBLING IN ATTACK SIZES Largest DDoS attack mitigated by Akamai per quarter

16. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM 100 MB response 210 byte request 500K AMPLIFICATION Memcached UDP reflection Country Total C h in a 2 0 ,3 2 7 U n ite d S ta te s 1 7 ,3 2 0 F ra n c e 3 ,2 8 3 H o n g K o n g 3 ,0 0 5 R u s s ia 1 ,7 5 8 J a p a n 1 ,6 5 2 G e rm a n y 1 ,5 6 7 C a n a d a 1 ,5 3 2 V ie tn a m 1 ,3 4 6 U K 1 ,1 1 2 S in g a p o re 1 ,0 6 3 N e th e rla n d s 1 ,0 5 4 T u rk e y 1 ,0 4 4 In d o n e s ia 7 4 8 B ra z il 6 7 9 P o la n d 5 4 3 In d ia 5 2 2 U k ra in e 5 0 4 R o m a n ia 4 5 8 L ith u a n ia 4 5 1 M em cached UDP reflection: an attacker queries an unsecured m em cached server using a spoofed IP address to trigger a flood of UDP packets against its target. W ith a 210 byte request capable of triggering a 100 M B response, this attack vector has the potential for over 500,000x am plification. The Shadowserver Foundation has identified over 50,000 m em cached servers operating on the public Internet. © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM

17. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM M em cached DDoS tim eline: despite the enabling CVEs being disclosed in 2017, the first DDoS attack attributed to m em cached UDP reflection was observed on February 26, 2018. W ithin the first two weeks, this attack vector was responsible for 20 attacks against Akam ai custom ers, including a 1.3 Tbps attack against G itHub. © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM Feb 26 Feb 27 Feb 28 Mar 1 Mar 2 Mar 3 Mar 4 Mar 5 Mar 6 Mar 7 Mar 8 Mar 9 Mar 10 Mar 11 • 3 8 .6 1 G b p s • 8 .9 8 G b p s • 3 .5 3 G b p s • 1 9 1 .6 G b p s • 1 3 .8 9 G b p s • 5 .6 3 G b p s • 1 8 .3 4 G b p s • 1 .2 5 T b p s • 0 .8 2 G b p s • 2 2 9 .4 G b p s • 5 .9 8 T b p s • 1 .1 1 G b p s • 3 .4 4 G b p s • 1 6 0 .0 G b p s • 4 .2 G b p s • 2 .3 4 G b p s • 4 4 .6 1 G b p s • 6 .0 3 G b p s • 6 .7 1 G b p s • 1 .7 2 G b p s FIRST TWO WEEKS A new attack vector observed

18. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM Largest DDoS attack ever WHAT IT LOOKS LIKE March 1 (Attack traffic) • UDP flood on port 11211 • 188 Gbps peak bandwidth February 28 (Attack traffic) • UDP flood on port 11211 • 1.3 Tbps peak bandwidth • 330 Gbps second peak, 15-30 Gbps for 1+ hour

19. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM WHAT IT LOOKS LIKE Breakdown by scrubbing center 299 G bps 457 G bps 89 G bps 231 G bps 212 G bps 77 G bps 29 M pps 42 M pps 8 M pps 22 M pps 19 M pps 7 M pps As hbu r n Frank f urt Hong Kong Lond on San J o s e Tok yo

20. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM

21. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM A customer example WHY 100% CLOUD? Phase 1: • CLDAP reflection, DNS flood, NTP flood, SNMP flood, SQL server reflection, UDP flood, UDP fragment • 7.45 Gbps peak bandwidth • Two IP addresses Phase 2: • DNS flood, SYN flood, UDP fragment • 14.79 Gbps peak bandwidth • New IP address, original /24 Phase 3: • DNS flood, NTP flood, SNMP flood, UDP fragment • 32.4 Gbps peak bandwidth • New IP address, new /24 Phase 4: • DNS flood, UDP fragment • 18.5 Gbps peak bandwidth • 8 new IP addresses, 8 new /24s Phase 5: • DNS flood, SNMP flood, SYN flood, UDP fragment • 32.3 Gbps peak bandwidth • 255 new IP addresses, 1 new /24 Phase 6: • DNS flood, SYN flood, UDP fragment • 18.05 Gbps peak bandwidth • 7 IP address (5 new), 6 /24s (5 new) Phase 7: • DNS flood, RPC flood, UDP fragment • 18.05 Gbps peak bandwidth • 10 IP address (5 new), 2 /24s (1 new) Phase 8: • DNS flood, UDP fragment • 2.83 Gbps peak bandwidth • 2 IP address (2 new), 2 /24s

22. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM 386 479 459 448 506 522 524 866 1,160 1,243 1,510 2,007 2,525 2,922 2,680 2,244 1,851 2,356 2,535 2,348 STOPPING MORE ATTACKS Why Akamai for DDoS 20 13 Q1 20 13 Q2 20 13 Q3 20 13 Q4 20 14 Q1 20 14 Q2 20 14 Q3 20 14 Q4 20 15 Q1 20 15 Q2 20 15 Q3 20 15 Q4 20 16 Q1 20 16 Q2 20 16 Q3 20 16 Q4 20 17 Q1 20 17 Q2 20 17 Q3 20 17 Q4 ©2018 AKAMAI | FASTER FORWARDT M 386 479 459 448 506 522 524 866 1,160 1,243 1,510 2,007 2,525 2,922 2,680 2,244 1,851 2,356 2,535 2,348 2013 Q 1 2013 Q 2 2013 Q 3 2013 Q 4 2014 Q 1 2014 Q 2 2014 Q 3 2014 Q 4 2015 Q 1 2015 Q 2 2015 Q 3 2015 Q 4 2016 Q 1 2016 Q 2 2016 Q 3 2016 Q 4 2017 Q 1 2017 Q 2 2017 Q 3 2017 Q 4 STOPPING MORE ATTACKS Why Akamai for DDoS ©2018 AKAMAI | FASTER FORWARDT M 2013 Q 1 2013 Q 2 2013 Q 3 2013 Q 4 2014 Q 1 2014 Q 2 2014 Q 3 2014 Q 4 2015 Q 1 2015 Q 2 2015 Q 3 2015 Q 4 2016 Q 1 2016 Q 2 2016 Q 3 2016 Q 4 2017 Q 1 2017 Q 2 2017 Q 3 2017 Q 4

23. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM 1,162 1,421 1,639 1,423 INSTANEOUS DDOS MITIGATION Why Akamai for DDoS © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM Pre-mitigated Total mitigated ©2018 AKAMAI | FASTER FORWARDT M 386 479 459 448 506 522 524 866 1,160 1,243 1,510 2,007 2,525 2,922 2,680 2,244 1,851 2,356 2,535 2,348 2013 Q 1 2013 Q 2 2013 Q 3 2013 Q 4 2014 Q 1 2014 Q 2 2014 Q 3 2014 Q 4 2015 Q 1 2015 Q 2 2015 Q 3 2015 Q 4 2016 Q 1 2016 Q 2 2016 Q 3 2016 Q 4 2017 Q 1 2017 Q 2 2017 Q 3 2017 Q 4 1,162 1,421 1,639 1,423 2013 Q 1 2013 Q 2 2013 Q 3 2013 Q 4 2014 Q 1 2014 Q 2 2014 Q 3 2014 Q 4 2015 Q 1 2015 Q 2 2015 Q 3 2015 Q 4 2016 Q 1 2016 Q 2 2016 Q 3 2016 Q 4 2017 Q 1 2017 Q 2 2017 Q 3 2017 Q 4 INSTANEOUS DDOS MITIGATION Why Akamai for DDoS ©2018 AKAMAI | FASTER FORWARDT M 2013 Q1 2013 Q2 2013 Q3 2013 Q4 2014 Q1 2014 Q2 2014 Q3 2014 Q4 2015 Q1 2015 Q2 2015 Q3 2015 Q4 2016 Q1 2016 Q2 2016 Q3 2016 Q4 2017 Q1 2017 Q2 2017 Q3 2017 Q4 Pre-mitigated Total mitigated

24. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM DDoS Attacks Per Target, Q1-Q4 2017 Number of DDoS Attacks Faced by Top Target Organization in Q4 512

25. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM San Jose Los Angeles Miami Ashburn New York Chicago Hong Kong Sydney Dallas Stockholm Amsterdam London Frankfurt Paris Vienna Singapore Osaka Tokyo 2018: Greater Resiliency and In-Region Scrubbing 18 scrubbing centers / 8+ Tbps capacity PLATFORM EXPANSION 2017 2018

26. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM DDoS Attack Frequency by Industry, Q3 & Q4 2017

27. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM Web Attacks than 5 million. Mexico and Argentina held the 4th and 5th positions in the Americas, with attack counts in the hundreds of thousands, as opposed to the millions seen in the top three. China, India, and Japan maintained their rankings this quarter as the top three attack source countries in the Asia Pacific region. In first place regionally and third place globally, China had more than 28 million alerts recorded in q4, up from 22 million in q3. Meanwhile, Australia moved into the top five, supplanting South Korea with 2.5 million attacks recorded. The United States remained firmly in first place as the top target country for web application attacks, with more than 238 million attack triggers recorded in q4, down from 323 million in q3. Although the United States continued to be the largest target country by far, its 29% quarter-over-quarter drop in recorded attacks outpaced the global 9% drop in attacks. Meanwhile, Brazil remained in second place as Source Countries for Web Application Attacks — Worldwide, Q4 2017 Figure 3-2: The United States tops the list for source countries for web application attacks in Q4 2017 Country Attacks Sourced Percentage United States 128,013,378 32.0% Netherlands 47,433,432 11.9% China 28,171,775 7.1% Brazil 22,945,844 5.7% Russia 18,370,802 4.6% Ukraine 17,182,960 4.3% India 16,489,773 4.1% Germany 13,046,096 3.3% United Kingdom 12,790,735 3.2% Canada 12,634,269 3.2% <100,000 1M – 5M 10M – 25M 5M – 10M NA >25M 100K - 1M Web Application Attack Source Countries — EMEA, Q4 2017 Figure 3-3: The Netherlands claimed the top spot for source countries in EMEA Country Attacks Sourced Global Rank Netherlands 47,433,432 2 Russia 18,370,802 5 Ukraine 17,192,960 6 Germany 13,046,096 8 United Kingdom 12,790,735 9 <100,000 1M – 5M 5M – 10M NA 100,000 – 1M than 5 million. Mexico and Argentina held the 4th and 5th positions in the Americas, with attack counts in the hundreds of thousands, as opposed to the millions seen in the top three. China, India, and Japan maintained their rankings this quarter as the top three attack source countries in the Asia Pacific region. In first place regionally and third place globally, China had more than 28 million alerts recorded in q4, up from 22 million in q3. Meanwhile, Australia moved into the top five, supplanting South Korea with 2.5 million attacks recorded. The United States remained firmly in first place as the top target country for web application attacks, with more than 238 million attack triggers recorded in q4, down from 323 million in q3. Although the United States continued to be the largest target country by far, its 29% quarter-over-quarter drop in recorded attacks outpaced the global 9% drop in attacks. Meanwhile, Brazil remained in second place as Source Countries for Web Application Attacks — Worldwide, Q4 2017 Country Attacks Sourced Percentage United States 128,013,378 32.0% Netherlands 47,433,432 11.9% China 28,171,775 7.1% Brazil 22,945,844 5.7% Russia 18,370,802 4.6% Ukraine 17,182,960 4.3% India 16,489,773 4.1% Germany 13,046,096 3.3% United Kingdom 12,790,735 3.2% Canada 12,634,269 3.2% <100,000 1M – 5M 10M – 25M 5M – 10M NA >25M 100K - 1M Web Application Attack Source Countries — EMEA, Q4 2017 Figure 3-3: The Netherlands claimed the top spot for source countries in EMEA Country Attacks Sourced Global Rank Netherlands 47,433,432 2 Russia 18,370,802 5 Ukraine 17,192,960 6 Germany 13,046,096 8 United Kingdom 12,790,735 9 <100,000 1M – 5M 5M – 10M NA 100,000 – 1M

28. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM Top 10 Target Countries for Web Application Attacks, Q4 2017

29. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM

30. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM Threats vs Akamai Solutions Bot Manager Prolexic Routed & Connect Origin Genuine User Request Any non-HTTP/S Attacks directed at the website HTTP/S DDoS Attacks directed at the website HTTP/S Hacking Attacks directed at the website HTTP/S Hacking Attacks directed at the origin IP Small Scale DDoS Attacks directed at the origin IP Large Scale DDoS Attacks directed at the origin IP Bot Manager Premier Origin DNS Attackts against DNS Infrastructure Fast DNS Credential Abuse, Account takeover and human behavior Detection, control and mitigaron in real time of knowns and unknowns Botnets Kona Site Defender - Site Shield

31. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM WHAT DO YOU WANT TO PROTECT? Security starts with your business Your customers Securing PII, account balances, and transaction details, and more to preserve customer trust DNS services Ensure your DNS stays available, trustworthy, and fast, so users can find you Web applications Stop large and sophisticated denial of service attacks, web application attacks, and bot attacks Your employees Stop damaging breaches perpetrated through malware, ransomware, and phishing attacks APIs Extend application security to API endpoints that expand your attack surface in new ways Enterprise applications and data Provide secure access to enterprise applications while protecting against advanced threats Data centers Protect IT assets within your data centers from denial of service attacks and malware

32. The Dark Side of Web APIs Tony Lauro | Manager

    Enterprise Security Architecture Oh man, why did I give Tony these slides?!

33. • Why Focus on Web APIs? • Denial of Service

    • Application Layer Attacks • Credential Abuse • API Threats & Observations from Protecting Billions of Requests per Day

34. Application Programing Interface

35. APIs are Pervasive… we are looking at the result of

    one right now!
36. None

37. APIs are Pervasive… we are looking at the result of

    one right now!

38. APIs are Pervasive… we are looking at the result of

    one right now!

39. 144.7B Total HTTP Requests 36.6B API Calls Accelerated to Origin

    65% Mobile APIs 35% AJAX, Web, Other APIs are Pervasive… Let’s Look at a Single Day’s API Activity

40. 51% 36% 11% 0% 0% 2% 25% 56% 10% 4%

    2% 3% JSON Form-Data XML Plain Text Binary Other REQUEST CONTENT-TYPE Standard Web vs API Calls

41. Why Focus on Web APIs? • Web APIs are pervasive,

    and growing Already greater than 25% of all HTTP requests • The Web APIs are critical to delivering the rich, relevant, personalized experiences across websites, single page apps, mobile apps, progressive web apps Which makes them a great asset to attack! • Your Web APIs are the front door to your data… Which makes them a great asset to attack!

42. OPEN SIMPLE APIs Rule! APIs Rule!

43. TOP API THREATS App Layer Attacks Denial of Service Credential

    Abuse Denial of Service

44. https://krebsonsecurity.com/tag/ddos-for-hire/ Akamai Intelligent Platform

45. None
46. None
47. None
48. None
49. None
50. None
51. None
52. None
53. None

54. 200000

55. None

56. TOP API THREATS App Layer Attacks Denial of Service Credential

    Abuse
57. None

58. APPLICATION LAYER API ATTACKS 76% 13% 6% 3% 2% 0.01%

    SQL Inject ion Local F ile In clude Code Inje ction Comma nd Inje ction X SS R emot e F ile In clude

59. PUT http://pdg03-www.scoe-sil.net/api/user/3 Authorization: Token ce0d69e2f759c6705dd763c8f0c8be14554d7e18 User-Agent: Dalvik/1.6.0 (Linux; U; Android

    4.2.2; AndyOSX Build/JDQ39E) Content-Length: 415 Content-Type: application/json; charset=UTF-8 { "active": 1, "created_on": "2017-01-13 13:47:23", "credit_card": null, "credit_card_cvv": null, "credit_card_expires": null, "email": "[email protected]", "first_name": "John", "id": 3, "last_login": "2017-01-13 14:04:24", "last_name": "Doe", "oauth_provider": null, "oauth_uid": null, "password": null, "photo": null, "recover_passw": null, "rest_token": null, "user_phone": "6175551212", "username": "aedge" }

60. PUT http://pdg03-www.scoe-sil.net/api/user/3 Authorization: Token ce0d69e2f759c6705dd763c8f0c8be14554d7e18 User-Agent: Dalvik/1.6.0 (Linux; U; Android

    4.2.2; AndyOSX Build/JDQ39E) Content-Length: 678 Content-Type: application/json; charset=UTF-8 { "active": 1, "created_on": "2017-01-13 13:47:23", "credit_card": null, "credit_card_cvv": null, "credit_card_expires": null, "email": "[email protected]", "first_name": "Akamai", "id": 3, "last_login": "2017-01-13 14:04:24", "last_name": "Edgey", "oauth_provider": null, "oauth_uid": null, "password": null, "photo": null, "recover_passw": null, "rest_token": null, "user_phone": "1231231234', `first_name` = (SELECT `full_name` FROM `tbl_customer_address` WHERE `id` = 7), `last_name` = (SELECT `address_line_1` FROM `tbl_customer_address` WHERE `id` = 7), `user_phone` = (SELECT `zip` FROM `tbl_customer_address` WHERE `id` = 7), `email` = 'success", "username": "aedge" }
61. None
62. None
63. None
64. None
65. None
66. None
67. None
68. None

69. TOP API THREATS App Layer Attacks Denial of Service Credential

    Abuse

70. 413.4M Login Requests 27.9M Unique IP Addresses 48.7K Internet Hosts

    42% Only API Calls (JSON, XML, SOAP) 55% Only Forms Login 3% Use Both 78% Mobile Logins 22% Browsers, IoT Single Day’s Login Activity
71. None

72. Password Another password ONE MORE PASSWORD Password YET ANOTHER PASSWORD

    The average user uses over 50 different services requiring a password People have limited memory (and they are often lazy) FACT FACT Password Password PEOPLE USE THE SAME PASSWORD EVERYWHERE

73. It only takes one site to leak... Many large scale

    breaches of highly trusted services

74. ANATOMY OF CREDENTIAL ABUSE CAMPAIGNS

75. ANATOMY OF CREDENTIAL ABUSE CAMPAIGNS WHAT TOOLS DO THEY USE?

76. None

77. ANATOMY OF CREDENTIAL ABUSE CAMPAIGNS

78. 591.7M Login Requests 34.2M Unique Credentials 98 Akamai Accounts 67%

    Of all login requests were fraudulent 394M

79. CAMPAIGN ANALYSIS 1,000,000 4,000,000 St andar d Web APIs Average

    Campaign Size (By Number of Accounts) ATTACKERS ATTEMPT x4 MORE STOLEN ACCOUNTS THROUGH API LOGINS!
80. None

81. • Why Focus on Web APIs? • Denial of Service

    • Application Layer Attacks • Credential Abuse • API Threats & Observations from Protecting Billions of Requests per Day • Foundational to modern web architectures and experiences • High value targets for attacks

82. Understanding your Credential Stuffing Attack Surface Xavier Daspre, Senior Enterprise

    Security Architect EMEA, Akamai Technologies

83. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Sign In CS User name Password

84. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. CS User name Xavie Password Let’s talk credential stuff Sign In Sign In in r g

85. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM

86. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Sign In CS Xavier Let’s talk credential stuffing

87. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Sign In CS Xavier Let’s talk credential Sign In stuffing

88. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Sign In ABC User name Password

89. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. ABC User name Xavier Password Let’s talk credential Sign In Sign In stuffing

90. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Sign In AFF User name Password

91. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. AFF User name Xavier Password Let’s talk credential Sign In Sign In stuffing

92. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. My-Carrier 12:00 PM 21% Edit Hello! Sign in to access your money. Sign In User name Password

93. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. My-Carrier 12:00 PM 21% Edit Hello! Sign in to access your money. Sign In User name Xavier Password Let’s talk credential Sign In stuffing

94. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Xavier D paid Joe Sm ith for the lulz Like Com m ent $-1,999.00 1m Xavier D paid AdultFriendFinder for XoXoXo Like Com m ent $-1,000.00 1m Xavier D paid Need M ulaah for alcohol and drugs Like Com m ent $-1,500.00 1m Xavier D paid YouGotPwned for 10QSucka Like Com m ent $-1,999.00 1m Xavier D @Xavier_D Member since Yesterday Account balance: $6,500.00 My-Carrier 12:00 PM 21% Edit $4,501.00 $3,501.00 $2,001.00 $2.00 2m 3m 4m 2m 3m 2m

95. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Xavier D paid YouGotPwned for 10QSucka Like Com m ent $-1,999.00 1m Xavier D paid Need M ulaah for alcohol and drugs Like Com m ent $-1,500.00 2m Xavier D paid AdultFriendFinder for XoXoXo Like Com m ent $-1,000.00 3m Xavier D paid Joe Sm ith for the lulz Like Com m ent $-1,999.00 4m Xavier D paid YouGotPwned, Need M ulaah, AdultFriendFinder, and Joe Sm ith Like Comment WTF? $-6,498.00 Xavier D @Xavier_D Member since Yesterday Account balance: $2.00 My-Carrier 12:00 PM 21% Edit

96. © 2 0 1 6 A K A M A

    I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. Xavier D paid YouGotPwned, Need M ulaah, AdultFriendFinder, and Joe Sm ith Like Comment WTF? $-6,498.00 Xavier D @Xavier_D Member since Yesterday Account balance: $2.00 My-Carrier 12:00 PM 21% Edit WTF?

97. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM HOW IT HAPPENS Credential stuffing in the bot kill chain Reconnaissance Weaponization Delivery Exploitation Action Bot m anagem ent • Pros: good vs. automation • Cons: not good vs. humans Fraud prevention • Pros: knows individual users • Cons: high cost, account already compromised • Identify target website with high account value • Purchase list of stolen credentials on dark web • Build or rent a botnet to automate validation • Build or buy software tools to evade detection ü • Purchase compromised account for target site • Use purchased account credentials to login • Perform fraudulent transactions using compromised account OBJECTIVES SOLUTIONS • Validate list of stolen credentials against login page of target website • Resell validated account credentials on dark web © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM

98. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM

99. © 2 0 1 8 A K A M A

    I | F A S T E R F O R W A R D TM © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM

100. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Money lost to fraud per compromised account 25% 29% 22% 14% 10% L ess th an $ 10 0 $ 10 0 to $ 50 0 $ 50 1 to $ 1,0 0 0 $ 1,0 0 1 to $ 5,0 0 0 Mor e th an $ 5,0 0 0 P o n e m o n — T h e C o s t o f C r e d e n tia l S tu ffin g , O c t 2 0 1 7 BUSINESS IMPACT Understanding the cost of credential stuffing Number of accounts targeted per attack 19% 35% 28% 11% 7% 1 to 1 00 1 01 to 5 00 5 01 to 1 ,00 0 1 ,00 1 to 5 ,00 0 Mor e th an 5 ,00 0 Number of credential stuffing attacks per month 0% 41% 38% 12% 9% No ne 1 to 5 6 to 10 1 1 t o 2 0 More th an 2 1

101. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Industry IPs Participating Login Requests % of Total Requests Gaming 7,712,894 1,358,045,044 61.30% Hotels & Resorts 122,026 232,309,946 10.49% Cards & Payments 477,507 148,304,255 6.69% Department Stores 326,151 104,748,065 4.73% Commerce Portal 66,321 60,199,822 2.72% Banking 349,474 55,356,808 2.50% Airline 86,346 41,004,594 1.85% Cosmetics 82,808 38,197,524 1.72% Consumer Software (B2C) 224,707 28,202,339 1.27% Social Media 127,396 26,557,605 1.20% Enterprise Software (B2B) 21,290 25,383,158 1.15% Consumer Electronics 50,984 25,264,381 1.14% Apparel & Footwear 66,414 19,692,260 0.89% Online Travel Agents 102,555 8,935,366 0.40% Federal 3,403 7,454,257 0.34% INDUSTRY BREAKDOWN A 1-week view into Akamai customers

102. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM • Majority of IPs performing credential stuffing make less than 1 request per minute • Average is 28 requests per hour • Maximum request rate observed from a single IP during the sampled period - 625,000 requests per hour (173 login requests per seconds) Rate Controls are only effective against the rare bots that fall outside typical human request rate thresholds ATTACK CHARACTERISTICS What an attack looks like

103. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM CONSEQUENCES Wide-ranging impacts of credential stuffing 5% 17% 41% 43% 50% 63% 67% Othe r Damag ed bra nd equ ity fro m news stori es or socia l med ia Lo s t bu s i ness due to c u s t omers sw i tchin g t o compe tito rs Compro m i s e d a c cou nts le ad ing to fra ud-r ela ted fin an c i al loss e s Lo wer custo m e r s a tisfacti on Cost to re m e dia te c omp romis e d accoun ts App li c a tio n d ownti m e fro m larg e spikes in lo gi n tra ffi c

104. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM RESPONSIBILITY Dispersed throughout the organization 5% 2% 3% 3% 9% 13% 16% 20% 21% 28% 3% 40% O t her C om p l i ance / audi t C EO / C O O H ead of l egal D at a cent er / I T oper at i ons Web host i ng ser vi ce pr ovi der H ead of r i sk m anagem ent C I SO / C SO Fr au d pr event i on / m a nagem en t C I O / C TO Li ne of b usi ne ss / m anagem ent N o on e f unct i on has over al l r esponsi bi l i t y

105. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM CASE STUDY Top 10 global financial services institution As one of largest financial asset management companies, this organization sees high bot traffic, including financial aggregators as well as credential stuffing and other fraud-related activities. Result Dramatic reduction in account takeovers to 1-3 per month and fraud-related losses to $1-2k per day—across all login endpoints Solution Behavioral-based bot detections deployed in deny in front of every consumer login endpoint Problem 8,000 account takeovers a month across multiple login endpoints, leading to $100k per day in direct fraud-related losses û

106. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM TRANSACTIONAL ENDPOINTS Two types of bots 1. Scraping Bots 2. Transactional Bots Example1 : Price Scraping (Good or Bad) Example2 : Content Scraping (Good or Bad) Example3 : Google Web Crawler (Good)

107. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM TRANSACTIONAL ENDPOINTS Two types of bots 1. Scraping Bots 2. Transactional Bots Example 1 : Login Attack :: Credential Abuse (Bad) Example 2 : Fake Account Signup (Bad) Example 3 : Concert Ticket Grabbers (Bad)

108. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Random ized user agent Browser im personation Session replay Full cookie support JavaScript support Browser fingerprint spoofing Recorded hum an behavior Rate limiting M ultiple IPs Low request rate Single IP EVOLVING BOT LANDSCAPE Bot technologies and detection © 2 0 1 7 A K A M A I | F A S T E R F O R W A R D TM IP blocking HTTP anomaly detection Browser fingerprinting User behavior analysis Simple Sophisticated

109. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM BEHAVIOR ANOMALY Detecting the most sophisticated bots Analysis Engine Asynchronous server-side analysis Bot Detection Hum an or bot with high accuracy Behavioral Data Client-side data collection User behavior signals Device + browser characteristics Limited obfuscation required Advanced machine learning tracks human and bot behavior across Akamai platform Signal processing w/hundreds of signals Limited human intervention required (i.e., no more whack-a-mole) Highly accurate; target <0.2% FP

110. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM HOW IT WORKS Bot detection with Akamai End User Akamai JS 1 Merchant Web/ Mobile Server Akamai Edge Customer Post 2

111. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM HOW IT WORKS Protecting mobile apps and infrastructure © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM 1. Administrator defines mobile endpoint in Luna 2. Developer downloads and adds static lib to the project 3. App initializes SDK upon startup to start collecting sensor data 4. App calls SDK with Get Sensor Data on call to protected endpoint 5. App appends sensor data in request to header or POST body 6. Sensor data analyzed and appropriate action taken at Edge 7. Sensor data (max 8k) stripped before delivering request to origin S D K 4 5 6 7 1 2 3 O b j- C A P I iO S 8 a n d a b o v e S ta tic F r a m e w o r k S D K a p p im p a c t: 3 0 0 K B J a v a A P I A P I 1 5 a n d a b o v e ( A n d r o id 4 .0 .4 ) S D K s iz e : 6 5 K B , D E X C o u n t 5 1 2

112. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Simplest to deploy and maintain SEAMLESS INTEGRATION No application changes Seam less injection of JavaScript code while delivering the page m eans no disruptive application changes required ü Transparent updates Regular updates to bot detections and JavaScript code com pletely transparent to custom ers and end users Fast deployment Architecture as a layered solution on the Akam ai platform enables rapid integration of protected endpoints 18: … 21: … Apr 4 03: … 06: … 09: … 12: … 15: … 18: … 21: … Apr 5 03: … Lower overall LOE After this top global airline saw a spike in bot activity, Akam ai integrated two new endpoints, tuned bot detections, and set Bot M anager to deny in <2 hours. Integration © 2 0 1 8 A K A M A I | F A S T E R F O R W A R D TM

113. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM HOW TO PRIORITIZE Start looking at your sites now In Home Security, you don’t just protect the front door. Neither should you focus on the obvious access points to their applications. Start taking an inventory of all necessary transactional endpoints you should protect and their URL category (Desktop, Mobile, API or Hybrid).

114. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM CONCLUSION Summary and recommendations • Credential stuffing attacks are at elevated levels within financial and retail services • Monitor for increase in failed logins – Credential stuffing attacks are often mistaken for DDoS • Monitor Call Center for increases in account lockouts • Information sharing, inclusive of verticals outside FS and retail, appears to be useful • Consider biometric detection techniques for more sophisticated attackers

115. Why You Need a Zero Trust Security Model & Deep

     Dive into Malware, Ransomware & Data Exfiltration Trends Andy Crail, EMEA Manager Solutions Engineering, Enterprise Solutions, Akamai Technologies

116. Zero Trust Security What it is & why you need

     it Andy Crail [email protected] Solutions Engineering Manager, EMEA

117. There is no INSIDE

118. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM There is no INSIDE

119. © 2 0 1 7 A K A M A

     I | F A S T E R F O R W A R D TM “As businesses monetize information and insights across a complex business ecosystem, the idea of a corporate perimeter becomes quaint - even dangerous.” Excerpt from Forrester’s Future-Proof your Digital Business with Zero Trust Security

120. Grow revenue opportunities with fast, personalized web experiences and manage

     complexity from peak demand, mobile devices and data collection. Bottom line: security perimeters belong in the past

121. What’s Zero Trust? Key principles: • Assume a hostile environment

     • Don’t distinguish between external & internal • Never trust and only deliver applications/data to authenticated & authorized users/devices • Always verify with logging & behavioral analytics

122. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM That Idea & Zero Trust Are Catching On https://www.usenix.org/node/208152 https://www.usenix.org/conference/enigma2018/presentatio n/hildebrandt

123. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM You Have Choices, Each With Pros & Cons Option #1 Network Segmentation Option #2 Software Defined Perimeters Option #3 Identity Aware Proxies

124. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Embrace Zero Trust With Akamai Threats App C&C App App AUP One cloud platform to secure all enterprise apps and users • Identity and app access • Single sign-on with multi-factor authentication • App performance & security • Advanced threat protection • Inline data inspection

125. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Centralize security & access controls For specific apps across I/SaaS and on-prem Multi-factor auth for enterprise apps Supports email, SMS, TOTP or Duo Secure Access To On-Prem, Iaas & SaaS Apps SaaS A D / L D A P On-prem IaaS TLS m TLS m TLS SAM L Single sign-on for all enterprise apps Across I/SaaS and on-prem Keep users off the corporate network Make your infrastructure invisible on the Internet A p p # 1 A p p # 2 A p p # 3 Identity & Access SSO & MFA App Security App Delivery & Acceleration

126. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Core Enterprise App Access Use Cases Secure access to cloud apps VPN elimination Secure 3rd party app access Mergers & acquisitions

127. © 2 0 1 7 A K A M A

     I | F A S T E R F O R W A R D TM Who Doesn’t Want Free Airline Tickets?

128. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Majority Of Advanced Threats Leverage DNS DNS lookup Time to first byte Initial connection Content download malware.com 70 ms 60 ms 60 ms 140 ms 91.3% of known bad malware uses DNS Source: Cisco 2016 Annual Security Report

129. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Proactive Malware Protection Using DNS WWW DN S Identify and block access to malicious domains - everywhere Refuse requests to or communication with malicious domains known to host sites used to deliver malware or for phishing Disrupt communications from compromised devices Severs existing connections from infected devices to malicious actors’ command & control infrastructure Prevent DNS-based data exfiltration Stops malicious actors from using the DNS protocol to extract enterprise data Prevent access to inappropriate content Easily enforce an enterprise’s acceptable Internet usage policy effectively and consistently Threats C&C AUP Recursive DNS Cloud Security Intelligence AUP Enforcement Intelligence from 2.2 Trillion DNS a day

130. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Core Enterprise Threat Protector Use Cases Simply improve security posture Increase security team operational efficiency Guest Wifi acceptable usage enforcement Off-net/on-net control and protection

131. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM No Inside No VPN No Passwords Every app seems like SaaS Every office is a hotspot WE DRINK OUR OWN CHAMPAGNE

132. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Zero Trust Adoption Best Practices 1. Conduct a Threat Check to determine exposure of devices to malware/phishing 2. Consider a Zero Trust Architecture Assessment to develop a comprehensive plan to migrate from your current architecture to your goal Zero Trust architecture a. Profile users and apps b. Develop a customized phasing plan 3. Stop accumulating technical debt by publishing new apps based on Zero Trust 4. Begin migration of your Web apps, since they are easy to move to Zero Trust 5. Once you’ve addressed low hanging fruit with new apps and web apps, work to migrate legacy apps to Zero Trust based on the Zero Trust Architecture Assessment plan you developed earlier 6. Work to decommission legacy access, including VPN and privileged corporate WiFi/Ethernet segments 1 2 3 4 5 6

133. akamai.com/zerotrust

134. Advanced Threat Insights Malware, phishing, and DNS-based data exfiltration in

     the wild @Akamai

135. Akamai delivers ~2.2 Trillion DNS requests daily

136. So what have our data scientists & threat researchers FOUND?

137. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Malware Delivery Is Majority Of Malicious Traffic Malware • Connection to known malicious domains associated with malware delivery CNC • Connection to domains associated with command and control infrastructure Phishing • Connection to known malicious domains associated with phishing DNS based data exfiltration • Connection to domains associated with DNS based data exfiltration

138. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Crypto-Mining & Botnets Are In Vogue

139. © 2 0 1 8 A K A M A

     I Coin Mining High risk to system s availability Potential risk also to confidentiality of system s Dom ains incl. coinhive[.]com , jquery- uim [.]download., m inergate[.]com ., authedm ine[.]com Coin Mining and Simda Botnet communications detected from corporate endpoints Threat events 121.4K % Malware 15% % C&C 83% Simda Botnet System s infected with Sim da m ay allow cyber crim inals to harvest user credentials, including banking inform ation, install additional m alware, or cause other m alicious attacks Dom ains incl. pres[.]serverhom e[.]com AUP events N/A % Phishing 2% Top Global Media Company

140. © 2 0 1 8 A K A M A

     I APT Variant MiniDuke Used as Trojan that opens a backdoor and potentially allows the download of additional m alware Dom ains incl. www[.]eam tm [.]com Android based malware and Onedrive phishing clicks detected from corporate endpoints Android Based Trojan Dom ains incl. c[.]px9y94[.]com Threat events 121.4K % Malware 8% % C&C 10% AUP events 244.6K % Phishing 2% % Blacklist 80% Onedrive Phishing Campaign Dom ains incl. dwerap[.]cf Online & Store Retailer

141. © 2 0 1 8 A K A M A

     I Valyria Trojan This Trojan arrives as an attachm ent to em ail m essages spam m ed by other m alware/grayware or m alicious users Dom ains incl. lapelim m ortelle{.}com {.}au Corporate HQ shows significant amount of acceptable usage policy (AUP) violations Threat events 1.5M % Gambling 33% AUP events 3.4K % Pornography 22% % Dating 42% Coin Mining High risk to system s availability Potential risk also to confidentiality of system s Dom ains incl. datasecu{.}download, jqcdn{.}download Top Restaurant Chain

142. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM School District “Even small school districts get targeted attacks.” IT Manager High risk to system s availability Potential risk also to confidentiality of system s Dom ains incl. coinhive[.]com , load[.]jsecoin[.]com Social engineering is the art of m anipulating people to perform actions and / or extract inform ation, and as such phishing Dom ains incl. reddit[.]co Coin Mining Social Engineering Malware Distribution Drive-by downloads, phishing or or other dom ains associated with m alware delivery Dom ains incl. W orldnaturenet[.]xyz, eluxer[.]net 97% Malware 2% C&C 1% Phishing

143. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. akamai.com/etp

144. © 2 0 1 8 A K A M A

     I | F A S T E R F O R W A R D TM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. akamai.com/threat-check