Skip to main content

General Documents

Automatically Block High-Fidelity Indicators Across Akamai API Security Suite

Category: Cyware Product

Cyware Products Used:

  • Intel Exchange 

Third-party Integrations Used:

  • Akamai Network Lists: Automate the blocking of malicious IPs and domains using dynamically updated network lists.

Problem Statement

In today’s cyber landscape, organizations must stay ahead of threats by proactively blocking access to malicious entities using comprehensive threat intelligence. This enables security teams to mitigate potential risks before they can impact the infrastructure.

Solution

Integrate real-time threat intelligence to automatically update and enforce security measures across network boundary systems and web applications. By leveraging Akamai’s capabilities, methods to identify and block malicious activities are enhanced, allowing preemptive threat neutralization.

Usecase_1.png
How do we solve this problem?

  1. Gather Threat Intelligence: The playbook begins by gathering high-fidelity threat intelligence from Cyware Intel Exchange.

  2. Process Risky Indicators: From the gathered intelligence, sort the intelligence based on risk and priority.

  3. Update Blocklists: Automatically update Akamai Network Lists with high-risk IPs and domains identified as threats.

  4. Share Email Update: Finally, the playbook updates relevant stakeholders on the blocklist update that has happened.

Optional Configuration

Enhance further by integrating additional compliance checks, such as confirming updated security configurations align with defined policies and including other threat feeds to expand the intelligence scope. Additional options can also include leveraging intel into solutions such as Akamai Bot Manager.

Benefits
Proactive Threat Protection

Mitigate risks posed by new threats using real-time updates to security measures.

Enhanced Incident Response

Improve response times and strategies by aligning threat blocking with real-time intelligence.

Centralized Management

Update blocklists in real time to enhance management efficiency by ensuring security controls are consistently applied.