As a Content Delivery Network (CDN) and cloud security provider, Akamai’s platforms sit on the Internet between users and the services that they are trying to access, capturing data on trillions of transactions and attacks on a daily basis. This data is used in several ways to improve and augment Singtel’s Web Security Services.
Akamai uses most of the data from its cloud security platforms to enhance the accuracy of its security solutions, research new attacks and defensive technologies and build new products that help Singtel’s customers to protect their websites more effectively.
For example at the network layer, Akamai gathers intelligence on events such as network probing, scanning and reflection attacks. George cited the example of the Mirai worm which, as it propagates through network connections, uses a combination of commands which shows up in the Akamai data sets.
With this intelligence embedded in Singtel’s Web Security Services, enterprises will be able to uncover suspicious activities going on within their domain. For example, they will be able to see which IP addresses within Singapore or their organisation are engaged in malicious activities and then perform a clean-up on compromised devices.
They can also look at the trends within their industry to see if they are likely to be hit, and decide if they need to take on a more aggressive posture. For example, they may want to prioritise the refresh of their security tools to defend themselves across the most common attacks in their industry.
The intelligence also helps enterprises to better manage the risks associated with device hardware and software. For example, it helps shed light on things that are outside the norm such as old systems, unpatched browsers or equipment that is not supposed to be there.