Cyber Recovery Lead at a insurance company with 10,001+ employees
Real User
Top 5
2023-10-13T10:09:00Z
Oct 13, 2023
The custom rules must be improved. If we have a domain to be monitored, we can use the solution to alert us if a certain specification is met. If we need only 20,000 transactions, but there are 40,000 transactions, the product alerts us about it. We don't have the option to block it. The tool must provide the users with such options.
GM IT at a recreational facilities/services company with 1,001-5,000 employees
Real User
Top 10
2023-10-04T04:57:00Z
Oct 4, 2023
A lot of piracy happens in India and other countries. If there is a product for protection from piracy, it would be great. For example, there are multiple hackers that hack your event, and there are some channels that pirate and publish the event on some other website. We protect our streaming through DRM and different technologies. We are also protecting the website, but hacking is still happening. If they can work on protecting from piracy, it would be great.
Associate Director at a computer software company with 201-500 employees
Real User
Top 10
2023-10-04T04:55:00Z
Oct 4, 2023
I have given them a couple of suggestions through email. One thing I asked them is to integrate the API discovery product that they have and push that data into Akamai App and API Protector so that we do not have two types of reviews to identify the type of traffic. We already know the APIs that are frequently getting used, so analysis becomes easier. We can integrate both products and use them. Another request was to be able to segregate traffic for different app versions. A few of the APIs are already out in the market and are built into the applications. We cannot go and change those applications. Those applications are still being consumed, so we need a different strategy for those applications, whereas modern new applications are built using a different design. We have quite a lot of versions deployed since 2008, so designs are very different, and applying the rate limit for each API has its own challenges. Its pricing can be slightly better.
I do not see any area for improvement. Akamai is already maintaining its own databases for the security concerns, vulnerabilities, and attacks that are there. If anything, they should have a solution in the infrastructure security area as well. They should not be only in cloud cybersecurity; they should also be in infrastructure security.
Akamai App and API Protector is very new to me, so I do not have any insights on improvement areas for the product. However, when we ask for some help, it can take some time. We understand that the job is done by professionals, but if that time can be reduced, it would be great.
Learn what your peers think about Akamai App and API Protector. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
We did a PoC of Akamai and Cloudflare. One area where Akamai can improve is the captcha part. Cloudflare provides a captcha if there are a certain number of threats. For example, I can assign that if there are 10 requests within a second from a single IP, it should send a captcha to the user. The user should fill in the captcha, and only after that, the user should be able to access our website. This captcha feature should be built into Bot Manager. I love this captcha feature of Cloudflare. Other things are good in Akamai. That is why we are using Akamai. Only the captcha part should be implemented.
Dev Ops at a media company with 501-1,000 employees
Real User
Top 10
2023-10-02T10:47:00Z
Oct 2, 2023
There are some challenges. I have been interacting with their support about an issue. In terms of precedence of Akamai rules, the last one is implemented. That is the one that is operational. If two rules contradict, the last one is implemented. We had a clash, but it was really tough to find that out. I would like to have a rulebook because, in their architecture documentation, it is not mentioned anywhere that if two rules clash, the last one works, and if it does not work, then what to do. This is something we were debating today with their tech support. With AWS, we get documents for the issues so that they do not occur in the future. Akamai's support and knowledge base needs to be improved.
Chief Technologist at a financial services firm with 11-50 employees
Real User
2022-07-07T15:45:22Z
Jul 7, 2022
The custom rules were difficult to use. Overall, it works well. I don't have many complaints about it. Because it's a lower-end tool, it's not very good at dealing with bots and requires the use of a Bot Manager. It's fine for a simple tool, but as I recall, if you encounter a lot of bots, scrapers, and other things, you'll need this tool bot and this other thing they offer called Bot Manager.
Akamai App and API Protector provides website security by preventing DDoS attacks, acting as an application firewall, managing content delivery, and monitoring APIs. It adapts to threat profiles and is used for fast media delivery and identifying malicious activities.Akamai App and API Protector offers strong protection, adaptable security features, and efficient traffic management. Its WAF blocks IP addresses and country-specific threats while preventing SQL injections. Companies utilize it...
It could have better analytics and reporting visibility in the OEM console.
The custom rules must be improved. If we have a domain to be monitored, we can use the solution to alert us if a certain specification is met. If we need only 20,000 transactions, but there are 40,000 transactions, the product alerts us about it. We don't have the option to block it. The tool must provide the users with such options.
A lot of piracy happens in India and other countries. If there is a product for protection from piracy, it would be great. For example, there are multiple hackers that hack your event, and there are some channels that pirate and publish the event on some other website. We protect our streaming through DRM and different technologies. We are also protecting the website, but hacking is still happening. If they can work on protecting from piracy, it would be great.
I have given them a couple of suggestions through email. One thing I asked them is to integrate the API discovery product that they have and push that data into Akamai App and API Protector so that we do not have two types of reviews to identify the type of traffic. We already know the APIs that are frequently getting used, so analysis becomes easier. We can integrate both products and use them. Another request was to be able to segregate traffic for different app versions. A few of the APIs are already out in the market and are built into the applications. We cannot go and change those applications. Those applications are still being consumed, so we need a different strategy for those applications, whereas modern new applications are built using a different design. We have quite a lot of versions deployed since 2008, so designs are very different, and applying the rate limit for each API has its own challenges. Its pricing can be slightly better.
I do not see any area for improvement. Akamai is already maintaining its own databases for the security concerns, vulnerabilities, and attacks that are there. If anything, they should have a solution in the infrastructure security area as well. They should not be only in cloud cybersecurity; they should also be in infrastructure security.
Akamai App and API Protector is very new to me, so I do not have any insights on improvement areas for the product. However, when we ask for some help, it can take some time. We understand that the job is done by professionals, but if that time can be reduced, it would be great.
We did a PoC of Akamai and Cloudflare. One area where Akamai can improve is the captcha part. Cloudflare provides a captcha if there are a certain number of threats. For example, I can assign that if there are 10 requests within a second from a single IP, it should send a captcha to the user. The user should fill in the captcha, and only after that, the user should be able to access our website. This captcha feature should be built into Bot Manager. I love this captcha feature of Cloudflare. Other things are good in Akamai. That is why we are using Akamai. Only the captcha part should be implemented.
There are some challenges. I have been interacting with their support about an issue. In terms of precedence of Akamai rules, the last one is implemented. That is the one that is operational. If two rules contradict, the last one is implemented. We had a clash, but it was really tough to find that out. I would like to have a rulebook because, in their architecture documentation, it is not mentioned anywhere that if two rules clash, the last one works, and if it does not work, then what to do. This is something we were debating today with their tech support. With AWS, we get documents for the issues so that they do not occur in the future. Akamai's support and knowledge base needs to be improved.
It would be nice if Akamai Web Application Protector's price is lowered and made cheaper.
The product should provide a secure NTP. We would like Akamai to offer it rather than going to another vendor to buy it.
The solution could offer even more integrations.
The custom rules were difficult to use. Overall, it works well. I don't have many complaints about it. Because it's a lower-end tool, it's not very good at dealing with bots and requires the use of a Bot Manager. It's fine for a simple tool, but as I recall, if you encounter a lot of bots, scrapers, and other things, you'll need this tool bot and this other thing they offer called Bot Manager.