Name: 써드파티 스크립트 애플리케이션 보안: 침입 vs 탐지
Start: 2020-10-30T05:00:00Z
End: 2020-10-30T05:00:15.000Z
Location: BrightTALK

Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.

In the final episode of our three-part series, experience TrafficPeak's powerful real-time observability platform in action with product demos. Watch how you can leverage real-time insights to optimize your content delivery and enhance viewer engagement.

 During this interactive session, you'll discover how to: 

-Gain Instant Visibility: Explore TrafficPeak's intuitive dashboard to monitor key metrics such as latency, buffering rates, and content popularity in real-time. 
-Proactively Resolve Issues: Learn how TrafficPeak identifies performance bottlenecks, empowering you to troubleshoot problems before they impact your audience. 
-Maximize Content Impact: See how actionable insights can help you fine-tune content promotion strategies and improve user retention. 
-Simplify Operations: Discover automation capabilities that streamline caching decisions and improve overall delivery efficiency. 

Whether you're looking to improve streaming performance, drive engagement, or enhance your observability strategy, let this demo show you the power of TrafficPeak's capabilities.

Don't miss this opportunity to see TrafficPeak in action and innovate your streaming experience.

Ep. 3 - Experience Real-Time Observability: Join us for a Demo

In the second episode of our three-part series, we take a deep dive into real-world customer experiences with TrafficPeak’s edge observability. Join us for an exclusive subject matter expert fireside chat where we’ll explore how businesses across media streaming, e-commerce, and finance have successfully implemented cost-effective observability to overcome challenges and enhance performance.

You’ll be able to gain valuable insights into:


-Customer Success Stories – Learn how businesses are improving performance, reliability, and user engagement with real-time observability.
-Practical Applications – Understand how observability strategies can be tailored to optimize as per your needs
-Overcoming Industry Challenges – Discover how our customers tackle scalability, latency, security, and compliance hurdles.
-Impact of Cost-effective Solutions - See how affordable observability drives results without breaking the bank

Don’t miss this insightful discussion that bridges the gap between insights and real-world applications, highlighting impactful results.
 Stay tuned for our final episode, which will feature a live product demo showcasing the power of Trafficpeak’s observability platform.

Ep. 2 - Cost-effective Edge Observability in action: Customer Success Insights

In today's fast-paced digital landscape, real-time observability is crucial for delivering seamless experiences, ensuring system reliability, and optimizing performance across industries like media streaming, e-commerce, and finance. TrafficPeak on Akamai Cloud provides instant insights that drive smarter decisions and better outcomes.

Join us to discover how TrafficPeak on Akamai Cloud can help you:


-Real-Time Insights for Smarter Decisions –Instantly monitor user behavior, system performance, and content delivery to optimize operations.
-Enhance Performance & Reliability – Predict traffic surges, balance workloads, and resolve issues before they impact users.
-Optimize Costs & Resource Allocation – Streamline caching, network routing, and cloud spend to maximize efficiency.
-Improve Security & Compliance – Detect anomalies, mitigate threats, and meet industry-specific compliance requirements.
-Stay Ahead with Best Practices – Explore the latest trends in observability and learn how industry leaders are leveraging TrafficPeak.

This is the first episode of a three-part series—stay tuned for upcoming sessions featuring real-world customer case studies and a live product demo in the final episode.

Ep. 1 - Cost-effective Edge Observability with TrafficPeak

APIs are integral to modern applications including AI's operational and functional aspects. Vulnerabilities and misconfigurations in APIs can lead to severe consequences like data breaches, fines, and reputational damage.

Join our live API Security demo to discover how to:

-Gain complete visibility into your APIs, and the data they handle
-Instantly create an API inventory to meet regulatory compliance requirements
-Leverage AI and machine learning to analyze API transactions and detect posture and business logic vulnerabilities
-Automate workflows for alerts, ticketing, event logs, remediation guidance, and attacker blocking
-Reduce risks early with Shift-Left API testing during the development phase

This presentation is ideal for security professionals, developers, and business leaders looking to stay ahead in the ever-changing landscape of API security.

AI-Powered API Security in Action

Generative AI reshapes API security, posing new threats and solutions. In this session, we will explore how malicious actors could leverage generative AI to exploit API vulnerabilities. And outline how Akamai integrates cutting-edge AI technologies to defend against these threats.

In this practical session, you will learn:

1. How generative AI is being used by attackers to discover vulnerabilities, and automate API exploitation

2. How Akamai API Security employs advanced AI models to identify suspicious patterns and predict threats in real time

3. Real-world examples of how generative AI is used in Akamai API Security to strengthen defenses

This presentation is ideal for security professionals, developers, and business leaders looking to stay ahead in the ever-changing landscape of API security.

Generative AI and API Security: Staying Ahead with Akamai API Security

APIs have long been the important connective tissue that enables modern applications to function, interact, and scale effectively.

In the age of AI, APIs serve as the critical infrastructure that enables seamless communication between AI systems and other applications, facilitating real-time interactions between applications, data sources, and services.

However, as APIs become more integral to AI's operational and functional aspects, they also present a growing attack surface for cyber threats. 

In this session, you will learn:

 1. The Role of APIs in AI and Agentic Systems
 2. How compromised APIs can disrupt AI systems and expose sensitive data
 3. Top security risks affecting APIs and their impact
 4. Mitigating API risks with best practices and AI-powered tools
 5. Key takeaways and next steps

This presentation is ideal for security professionals, developers, and business leaders looking to stay ahead in the ever-changing landscape of API security.

API security in the age of AI

Zero Trust isn’t just about security—it’s a critical pillar of cyber resilience. But how do you measure its impact? In this final episode of our cyber resilience webinar series, we’ll break down the real ROI of implementing Zero Trust and how Akamai Guardicore Segmentation helps you maximize security while minimizing costs.

Join us as we explore:

-How to reduce attack surfaces and simplify compliance, and enhance operational security
-How granular segmentation prevents lateral movement and minimizes business disruptions
-Real-world use cases and key metrics to quantify the financial and security benefits

Whether you’re starting or fine-tuning your security strategy, this session will equip you with insights to measure success, reduce risks, and enhance cyber resilience. Don’t miss this opportunity to take that final step in your Zero Trust journey!

Ensure Cyber Resilience: Maximizing ROI on Your Zero Trust Journey with Akamai

Achieving a solid network segmentation policy is only the beginning. In today’s dynamic threat landscape, even the most well-architected segmentation policies require continuous tuning and vigilance after deployment. This session dives deep into the evolving world of Day-2 network security — where static rules become liabilities, and policy maintenance is a continuous battle against misconfigurations, overly permissive access, and silent policy failures.

Join us to explore 7 critical real-world scenarios that expose hidden gaps in segmentation strategies — from overshadowed and zero-hit rules to unrestricted admin access and rogue remote tools. Learn how attackers exploit these weaknesses and how security teams can shift from a “set it and forget it” mindset to a proactive, adaptive approach.

We’ll cover actionable techniques to:
- Detect and eliminate overly broad or obsolete rules
- Enforce least-privilege communication at scale
- Use automation and traffic intelligence to continuously optimize your policy
- Bring hidden attack paths to light — before adversaries do

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Making Cyber Resilience Work for Critical Infrastructure

Modern cyber threats are more sophisticated than ever, bypassing even the most advanced security defenses. Akamai HUNT takes security to the next level by leveraging real-time segmentation data, third-party integrations, and cutting-edge telemetry to uncover and neutralize hidden threats before they cause damage. With no additional agent rollout required, organizations can seamlessly enhance their security posture while avoiding alert fatigue and unnecessary operational burdens.

In this webinar, we’ll walk you through the power of Akamai HUNT, real-world success stories, and a live product demo showcasing how security teams can detect and respond to advanced threats in real time.

What You’ll Learn:
- Understanding Akamai HUNT – How it enhances Guardicore segmentation and integrates with OSquery for deep visibility.
- Real-World Threat Hunting Scenarios – Case studies showcasing how Akamai HUNT identified crypto-mining malware, admin credential leaks, and PowerShell abuse.
- Advanced Threat Detection & Incident Response – How Hunt’s detection engine minimizes false positives and prioritizes the most critical threats.
- Live Demo – See how Hunt visualizes threats, maps attack paths, and provides actionable remediation steps.
- Security Best Practices & Future Innovations – Insights into upcoming enhancements to segmentation rules and proactive threat prevention.

Hunting the Most Evasive Cyber Threats With Akamai HUNT

It has been established that microsegmentation is a fast-growing essential business building block - from gaining visibility into your applications and workloads, developing your security posture, and enabling Zero Trust - microsegmentation represents exciting advancements for operational security.

But there are many approaches organizations have at their disposal, and understanding the tools and solutions that suit your business needs and requirements is essential for longevity and success.

In this session, we’ll be reviewing the solutions and tools available today, the mistakes to avoid, and how to set your business up for success.

Join Akamai and Enterprise Strategy Group Analysts as we discuss:

- Considerations before assessing Microsegmentation vendors
- Where historical microsegmentation tools have fallen short in the past, and the tools available today
- How you can gain visibility into your network using Microsegmentation
- AI and machine learning in the microsegmentation space
- And more!

Understanding Cyber Resilience: Why It’s Crucial for Your Business Now

Cyber threats are evolving—are your defenses keeping up? In the first episode of our series, we explored cyber resilience and how to stay operational in the face of attacks. Now, we’re taking it a step further.

From ransomware and advanced persistent threats to insider attacks, cybercriminals are finding new ways to infiltrate organizations.How do you defend against these threats? The answer is Network segmentation—a critical security strategy that isolates sensitive data and systems, limits damage, and enhances threat detection and response.

Join our experts as we explore:

-Top threats impacting cyber resilience, such as ransomware 
-Live demo showing how to prevent attackers exploiting network weaknesses
-Best practices for adopting stronger security measures.

Walk away with actionable insights to protect your business from emerging threats and ensure operational resilience.

Fortifying Cyber Resilience: Tackling Top Threats with Segmentation

Join us to understand how DDoS Attacks against the Financial Sector have moved from nuisance to strategic threat as well as how those same trends are impacting other industries. DDoS attacks have grown in complexity, scope and speed with many being driven by political vs cybercriminal goals, which require new risk analysis and protections. Financial Services Information Sharing and Analysis Center (FS-ISAC) and Akamai have teamed up to share:
 
• Trends in threat methodology, tactics, and motivations
• Attacks by region, infrastructure, and motivations 
• Best practices and maturity model to protect against DDoS

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Nuisance to Strategic Threat: DDoS Attacks Against the Financial Sector

Ransomware has quickly become one of the most severe threats to the financial sector, with attacks skyrocketing by 70% over the past year. Unlike typical cyber incidents, today’s ransomware assaults are multi-staged and highly targeted, designed to not only disrupt operations but also exfiltrate sensitive data and amplify pressure through direct outreach to clients and regulators. Financial institutions face unique risks, from compromised reputation to operational paralysis, and require tailored defenses to stay protected.

In this webinar, our cybersecurity experts will reveal FS-ISAC’s latest findings on ransomware trends and defense strategies tailored for finance. Attendees will learn to build resilient defenses, create rapid response plans, and navigate high-stakes decision-making, equipping them with the critical tools needed to secure their organizations.

What You’ll Learn:
- Anatomy of a Ransomware Attack: From initial breach to quadruple extortion, learn the stages and tactics that make ransomware so disruptive to financial firms.
- Defense Essentials: Key cybersecurity fundamentals—like Zero Trust policies, multi-factor authentication, and isolated, resilient backup solutions—to stop ransomware in its tracks.
- Crisis Management and Compliance: Build an agile incident response plan, manage communication with clients, and navigate global regulations to reduce impact.
- Informed Decision-Making: Weigh the complex risks and compliance factors in ransom payments, with guidance for safeguarding both your operations and reputation.

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our webinars.

Ransomware Readiness for Financial and Critical Industries

Join us for an exclusive webinar featuring a real-world success story from one of our customers who transformed their security posture through microsegmentation. In this live session, you’ll hear firsthand from Network Security Architect, Quynn Kars, and Network Security Engineer, Evan Martinez, on how they decided they needed a change, why their company chose microsegmentation, and how they compared pricing to legacy firewall options. Discover the strategic decisions, implementation best practices, and lessons learned throughout their journey—from initial planning and beyond. Whether you're just starting to explore microsegmentation or looking to optimize your existing approach, this webinar offers valuable insights and practical takeaways.

What You’ll Learn:
- Key drivers behind their decision to adopt microsegmentation
- Obstacles they encountered—and how they overcame them
- Tangible outcomes and metrics demonstrating success
- Recommendations for organizations considering microsegmentation

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Hear from a Peer: A Segmentation Journey told by an Akamai customer

Security buyers face endless claims about protection efficacy — but how do you separate marketing from measurable reality?

In this session, SecureIQLab and Akamai break down the results of the industry’s only recurring, standards-based comparative WAAP test. Join Cameron Camp, Analyst Security Researcher and Akamai’s Brent Maynard, to learn how independent testing is conducted, why resiliency and false-positive avoidance matter as much as detection rates, and where most vendors still fall short.

We’ll share Akamai’s top-performing results, key market learnings, and the practical questions every security leader should ask when evaluating a WAF or WAAP. Walk away with actionable insights to validate your current defenses and strengthen your buying decisions.


Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Independent Testing, Real Results: How Secure Is Your WAAP?

As apps and APIs spread across cloud, on-prem, and hybrid environments, securing them consistently can be a challenge.

Watch this on-demand session to explore Akamai App & API Protector Hybrid — and see how you can extend powerful WAAP capabilities beyond the Edge.

What you’ll learn:
- How to unify WAF policy enforcement across environments
- How to secure East-West and North-South traffic with built-in resiliency
- Strategies to simplify operations and reduce vendor complexity

Whether you're modernizing infrastructure or closing WAF coverage gaps, this session offers practical guidance to help protect what matters — wherever it runs.

Extend WAF Protection Across Environments

Companies are spending billions in AI, building apps like customer service chatbots and decision tools to help customers select the best products. And there is much riding on these apps – organizations expect these big investments to create revenue, streamline operations, and reduce costs. Unfortunately, along with the new opportunities come new threats.

AI-driven applications are non-deterministic, giving different results every time even when given the same input. And because of this, bad actors can manipulate and attack these apps in unique ways. These attacks often go unseen and undetected, so you could suffer significant damage before you realize what happened. In this talk, we’ll show you how you can protect yourself from these new dangers.

Find out:
- The most misunderstood risks of AI apps
- The most common attacks and how they hurt companies’ top and bottom lines
- How security teams and business leaders can partner successfully to get the most ROI from AI apps
- Questions to ask when evaluating AI Security solutions

Securing AI-Driven Apps: Stopping Attacks Before They Stop You

신용카드 스키밍(skimming)은 오랫동안 보안팀의 도전과제였습니다. 해커들은 물리적 디바이스에서부터 폼재킹, 스크립트 인젝션과 같은 온라인 정보 수집 공격에 이르기까지 웹 보안 시스템보다 앞서 나가기 위해 지속적으로 전략을 발전시키고 있습니다. 최근에 꾸준히 증가하는 스키밍 방식은 애플리케이션에 존재하는 파트너·공급망 써드파티 스크립트를 활용합니다. 앱으로 들어오는 수상한 침입을 차단하는 기존의 방식도 유용하지만, 벌금이 증가하고 대규모 유출이 발생하고 있다는 점을 고려할 때 개인식별정보(PII)가 탈취되는 것을 막을 수 있는 조치를 반드시 마련해야 합니다.
 
발표 내용은 다음과 같습니다.
Magecart 공격의 역사와 규모
써드파티 스크립트의 증가가 취약점 증가로 이어지는 이유 
스크립트 감염 분석 및 대응 방법
Magecart를 효과적으로 방어하는 서비스의 특징
써드파티 스크립트의 상황을 분석하는 데 유용한 팁
 
발표자는 Akamai Technologies의 신동곤 상무입니다.

써드파티 스크립트 애플리케이션 보안: 침입 vs 탐지

Cyber Attacks

Cyber Security

Cloud Security

Malware

Magecart

Threat Detection

Threat Defence

Web Skimming

Third Party Scripts

Application Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

써드파티 스크립트 애플리케이션 보안: 침입 vs 탐지

Presented by

About this talk

Akamai APAC