Akamai Improves Bot Manager to Defend Against Credential Stuffing

Technology from Akamai's acquisition of Cyberfend is now integrated into Bot Manager Premier, providing protection from credential stuffing attacks.

Akamai-botmanager-1088x725

Among the most common type of attacks that hit the Akamai platform on a daily basis is one known as credential stuffing. In such an attack, automated bots aim to reuse passwords and credentials harvested from other sites and data breaches to exploit new systems.

At the Akamai Edge conference on Oct. 11, Akamai announced an enhanced technology offering called Bot Manager Premier to help identify and block advanced credential stuffing attacks. Bot Manager Premier integrates bot detection technology Akamai acquired from Cyberfend in December 2016.

"Pretty much everything depends on the internet today, and that means that pretty much everything is vulnerable," Tom Leighton, co-founder and CEO of Akamai, said during his Akamai Edge keynote speech.

Akamai already provides organizations with distributed denial-of-service (DDoS) attack mitigation capabilities, according to Leighton. DDoS attacks are typically volumetric and attempt to overwhelm sites and services with large amounts of traffic. Akamai also has the Kona Web Application Firewall (WAF) service, which defends against application layer attacks.

While Kona is able to filter out some attack types, Leighton said many modern attackers use traffic that appears on the surface to be normal. That's why there is a need for the Bot Manager technology.

"Account hacking is a huge problem. Across our platform we're now seeing that approximately two-thirds of log-in attempts are actually malicious," he said. "The bots are getting really good at getting past traditional defenses."

Bot Manager Premier 

Akamai already had its Bot Manager standard edition in the market prior to the Cyberfend acquisition 2016. With the standard edition, Akamai provides protection against web scraping, content aggregation and general bot management capabilities. The new Bot Manager Premier offering integrates Cyberfend capabilities to provide protection against credential abuse and web fraud.

"Since the acquisition, the Cyberfend data scientist team has continued evolving the original detections with access to a greater breadth and variety of customer traffic, including bot traffic, afforded by the Akamai customer base," Josh Shaul, vice president of web security product management at Akamai, told eWEEK. 

Integrating Cyberfend with Bot Manager Premier means that Akamai can now deploy the credential abuse protection capabilities on the Akamai platform as part of the overall delivery of the protected website, he said. 

"While this sounds minor, it actually makes it significantly easier for customers to consume this technology," Shaul said. 

The original Cyberfend technology required users to make changes to their applications to integrate the JavaScript-based detections. With Bot Manager Premier, the detection capabilities can be injected at the Akamai Edge while delivering the website without requiring any application changes, he said. 

"This has a positive impact on both the deployment of Bot Manager Premier as well as ongoing changes by Akamai to detections and ongoing changes by the customer to their application," Shaul said.

The underlying infrastructure that enables Bot Manager Premier includes the use of custom algorithms with both supervised and unsupervised machine learning. Akamai is also providing a mobile software development kit (SDK) to enable developers to benefit from the Bot Manager service.

"The mobile SDK allows customers to bake the data collection component of Bot Manager Premier’s behavior anomaly analysis detections into their mobile app," Shaul said. "Once compiled, the mobile app essentially calls the SDK to collect the behavioral telemetry from the mobile device before sending it to Akamai to analyze."

With its DDoS mitigation, Kona WAF and Bot Defender services, Akamai is trying to do its part to help organizations stay safe on the internet, though it is an increasingly challenging environment.

"Why are big name companies not able to defend themselves? I don't think it's because the executives that work at those companies were stupid or careless," Leighton said during his keynote. "I think it's because we're up against some very large and well-funded adversaries, and on the internet it's a lot harder to defend than it is to attack."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.