Kona Rule Set provides the functionality similar to the old email antispam engines for web traffic, the more spam emails you see, the better the spam engine becomes to block spam emails. So the guys at Akamai can keep their policy up to date blocking a lot of 0-day attacks using automated tools to provide the highest level of security. ![]() All day every day the Kona platform is being attacked with application and DDoS attacks. Akamai delivers about 30% of the BW used on the Internet on any given day, so they see a lot of good traffic as well as bad. It uses anomaly scoring and Big Data to ensure that the changing nature of attacks on the Internet are caught and there are minimal false positives. Kona WAF is a highly distributed reverse proxy and WAF platform. Most likely the people who contribute to DevCentral are some of the brightest engineers on the planet can handle the ASM. To be a good WAF engineer, you will need the skills of a penetration tester who understand the networking as well as the application. So you will want to ensure you have the device setup correctly and have in-depth knowledge of all the inputs, forms, parameters, cookies, paths etc of your application. ![]() The challenge is managing the ASM.Īpplication security is 10 to 20 x harder to manage than network security. I can tell you that F5's ASM is a feature rich product and you can fix any vulnerability under the sun (as long as you can configure it and write irules). I can give you good insight into both as i used to work for F5 as a presales engineer and i am now the security presales specialist at Akamai.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |