- Akamai makes available a Computer Security Incident Response Team (CSIRT). Its purpose is to define incident response plans that will help enterprises to efficiently detect, contain and recover from computer security incidents. By taking timely, appropriate action, the CSIRT can respond to potential attacks before an organization's systems and networks are significantly altered or damaged. The swiftness with which an organization will recognize and respond to threats is crucial in minimizing the impact of and accelerating recovery from info security incidents.
The core responsibility of the incident response team is to respond systematically to security incidents when they happen, performing reactive services such as incident management, which involves taking action to identify the causes of an incident and restore and protect affected systems and networks. The CSIRT may also provide proactive services, offering assistance to IT and security personnel in order to improve an organization's security controls and processes. (1) This includes:
• Supporting security and auditing efforts through the implementation of best practice reviews, vulnerability scanning, and penetration testing.
• Ensuring the proper configuration, maintenance and patching of network security tools, applications, and systems.
• Developing new security tools and technologies and scripts that enhance the functionality of existing security infrastructure.
Akamai handles 15-30% of the world's total Web traffic, providing a unique view into what's happening on the Web - what events are generating traffic, how much, from where, and why. During a 24 hour period Akamai processes 134 million transactions. To support such monitoring Akamai has deployed the most pervasive, highly distributed cloud optimization platform with over 150,000 servers in 92 countries within over 1,200 networks.
That provides Akamai with an exceptionally detail understanding of the characteristics of Internet traffic. Akamai’s CSIRT assists in avoiding data theft and downtime by extending the security perimeter to the edge of the network to protect from increasing frequency, scale and sophistication of web and data center attacks. Proprietary methods include:
• Kona Site Defender: Offers multi-layered defense to protect websites against the increasing threat, sophistication and scale of attacks.
• Prolexic Routed: DDoS defence for protecting all data center infrastructures against large, complex attacks.
• Kona Web Application Firewall: Application-layer defense to protect against data theft through attacks like SQL injections and cross-site scripting.
• Site Shield: Origin defense by cloaking web infrastructure and reducing vulnerability.
• Fast DNS: DNS resolution that is fast, reliable and secure.
Akamai’s CSIRT should be engaged as one of the highly trusted cyber crime consultants in investigations that involve global attacks on the integrity of systems.