Name: Web Application and API Attack Trends to Look for in 2023
Start: 2023-05-16T05:00:00Z
End: 2023-05-16T05:01:03.000Z
Location: BrightTALK

Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense in depth to safeguard enterprise data and applications everywhere. Akamai’s full-stack cloud computing solutions deliver performance and affordability on the world’s most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.

In the final episode of our three-part series, experience TrafficPeak's powerful real-time observability platform in action with product demos. Watch how you can leverage real-time insights to optimize your content delivery and enhance viewer engagement.

 During this interactive session, you'll discover how to: 

-Gain Instant Visibility: Explore TrafficPeak's intuitive dashboard to monitor key metrics such as latency, buffering rates, and content popularity in real-time. 
-Proactively Resolve Issues: Learn how TrafficPeak identifies performance bottlenecks, empowering you to troubleshoot problems before they impact your audience. 
-Maximize Content Impact: See how actionable insights can help you fine-tune content promotion strategies and improve user retention. 
-Simplify Operations: Discover automation capabilities that streamline caching decisions and improve overall delivery efficiency. 

Whether you're looking to improve streaming performance, drive engagement, or enhance your observability strategy, let this demo show you the power of TrafficPeak's capabilities.

Don't miss this opportunity to see TrafficPeak in action and innovate your streaming experience.

Ep. 3 - Experience Real-Time Observability: Join us for a Demo

In the second episode of our three-part series, we take a deep dive into real-world customer experiences with TrafficPeak’s edge observability. Join us for an exclusive subject matter expert fireside chat where we’ll explore how businesses across media streaming, e-commerce, and finance have successfully implemented cost-effective observability to overcome challenges and enhance performance.

You’ll be able to gain valuable insights into:


-Customer Success Stories – Learn how businesses are improving performance, reliability, and user engagement with real-time observability.
-Practical Applications – Understand how observability strategies can be tailored to optimize as per your needs
-Overcoming Industry Challenges – Discover how our customers tackle scalability, latency, security, and compliance hurdles.
-Impact of Cost-effective Solutions - See how affordable observability drives results without breaking the bank

Don’t miss this insightful discussion that bridges the gap between insights and real-world applications, highlighting impactful results.
 Stay tuned for our final episode, which will feature a live product demo showcasing the power of Trafficpeak’s observability platform.

Ep. 2 - Cost-effective Edge Observability in action: Customer Success Insights

In today's fast-paced digital landscape, real-time observability is crucial for delivering seamless experiences, ensuring system reliability, and optimizing performance across industries like media streaming, e-commerce, and finance. TrafficPeak on Akamai Cloud provides instant insights that drive smarter decisions and better outcomes.

Join us to discover how TrafficPeak on Akamai Cloud can help you:


-Real-Time Insights for Smarter Decisions –Instantly monitor user behavior, system performance, and content delivery to optimize operations.
-Enhance Performance & Reliability – Predict traffic surges, balance workloads, and resolve issues before they impact users.
-Optimize Costs & Resource Allocation – Streamline caching, network routing, and cloud spend to maximize efficiency.
-Improve Security & Compliance – Detect anomalies, mitigate threats, and meet industry-specific compliance requirements.
-Stay Ahead with Best Practices – Explore the latest trends in observability and learn how industry leaders are leveraging TrafficPeak.

This is the first episode of a three-part series—stay tuned for upcoming sessions featuring real-world customer case studies and a live product demo in the final episode.

Ep. 1 - Cost-effective Edge Observability with TrafficPeak

APIs are integral to modern applications including AI's operational and functional aspects. Vulnerabilities and misconfigurations in APIs can lead to severe consequences like data breaches, fines, and reputational damage.

Join our live API Security demo to discover how to:

-Gain complete visibility into your APIs, and the data they handle
-Instantly create an API inventory to meet regulatory compliance requirements
-Leverage AI and machine learning to analyze API transactions and detect posture and business logic vulnerabilities
-Automate workflows for alerts, ticketing, event logs, remediation guidance, and attacker blocking
-Reduce risks early with Shift-Left API testing during the development phase

This presentation is ideal for security professionals, developers, and business leaders looking to stay ahead in the ever-changing landscape of API security.

AI-Powered API Security in Action

Generative AI reshapes API security, posing new threats and solutions. In this session, we will explore how malicious actors could leverage generative AI to exploit API vulnerabilities. And outline how Akamai integrates cutting-edge AI technologies to defend against these threats.

In this practical session, you will learn:

1. How generative AI is being used by attackers to discover vulnerabilities, and automate API exploitation

2. How Akamai API Security employs advanced AI models to identify suspicious patterns and predict threats in real time

3. Real-world examples of how generative AI is used in Akamai API Security to strengthen defenses

This presentation is ideal for security professionals, developers, and business leaders looking to stay ahead in the ever-changing landscape of API security.

Generative AI and API Security: Staying Ahead with Akamai API Security

APIs have long been the important connective tissue that enables modern applications to function, interact, and scale effectively.

In the age of AI, APIs serve as the critical infrastructure that enables seamless communication between AI systems and other applications, facilitating real-time interactions between applications, data sources, and services.

However, as APIs become more integral to AI's operational and functional aspects, they also present a growing attack surface for cyber threats. 

In this session, you will learn:

 1. The Role of APIs in AI and Agentic Systems
 2. How compromised APIs can disrupt AI systems and expose sensitive data
 3. Top security risks affecting APIs and their impact
 4. Mitigating API risks with best practices and AI-powered tools
 5. Key takeaways and next steps

This presentation is ideal for security professionals, developers, and business leaders looking to stay ahead in the ever-changing landscape of API security.

API security in the age of AI

Zero Trust isn’t just about security—it’s a critical pillar of cyber resilience. But how do you measure its impact? In this final episode of our cyber resilience webinar series, we’ll break down the real ROI of implementing Zero Trust and how Akamai Guardicore Segmentation helps you maximize security while minimizing costs.

Join us as we explore:

-How to reduce attack surfaces and simplify compliance, and enhance operational security
-How granular segmentation prevents lateral movement and minimizes business disruptions
-Real-world use cases and key metrics to quantify the financial and security benefits

Whether you’re starting or fine-tuning your security strategy, this session will equip you with insights to measure success, reduce risks, and enhance cyber resilience. Don’t miss this opportunity to take that final step in your Zero Trust journey!

Ensure Cyber Resilience: Maximizing ROI on Your Zero Trust Journey with Akamai

Achieving a solid network segmentation policy is only the beginning. In today’s dynamic threat landscape, even the most well-architected segmentation policies require continuous tuning and vigilance after deployment. This session dives deep into the evolving world of Day-2 network security — where static rules become liabilities, and policy maintenance is a continuous battle against misconfigurations, overly permissive access, and silent policy failures.

Join us to explore 7 critical real-world scenarios that expose hidden gaps in segmentation strategies — from overshadowed and zero-hit rules to unrestricted admin access and rogue remote tools. Learn how attackers exploit these weaknesses and how security teams can shift from a “set it and forget it” mindset to a proactive, adaptive approach.

We’ll cover actionable techniques to:
- Detect and eliminate overly broad or obsolete rules
- Enforce least-privilege communication at scale
- Use automation and traffic intelligence to continuously optimize your policy
- Bring hidden attack paths to light — before adversaries do

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Making Cyber Resilience Work for Critical Infrastructure

Modern cyber threats are more sophisticated than ever, bypassing even the most advanced security defenses. Akamai HUNT takes security to the next level by leveraging real-time segmentation data, third-party integrations, and cutting-edge telemetry to uncover and neutralize hidden threats before they cause damage. With no additional agent rollout required, organizations can seamlessly enhance their security posture while avoiding alert fatigue and unnecessary operational burdens.

In this webinar, we’ll walk you through the power of Akamai HUNT, real-world success stories, and a live product demo showcasing how security teams can detect and respond to advanced threats in real time.

What You’ll Learn:
- Understanding Akamai HUNT – How it enhances Guardicore segmentation and integrates with OSquery for deep visibility.
- Real-World Threat Hunting Scenarios – Case studies showcasing how Akamai HUNT identified crypto-mining malware, admin credential leaks, and PowerShell abuse.
- Advanced Threat Detection & Incident Response – How Hunt’s detection engine minimizes false positives and prioritizes the most critical threats.
- Live Demo – See how Hunt visualizes threats, maps attack paths, and provides actionable remediation steps.
- Security Best Practices & Future Innovations – Insights into upcoming enhancements to segmentation rules and proactive threat prevention.

Hunting the Most Evasive Cyber Threats With Akamai HUNT

It has been established that microsegmentation is a fast-growing essential business building block - from gaining visibility into your applications and workloads, developing your security posture, and enabling Zero Trust - microsegmentation represents exciting advancements for operational security.

But there are many approaches organizations have at their disposal, and understanding the tools and solutions that suit your business needs and requirements is essential for longevity and success.

In this session, we’ll be reviewing the solutions and tools available today, the mistakes to avoid, and how to set your business up for success.

Join Akamai and Enterprise Strategy Group Analysts as we discuss:

- Considerations before assessing Microsegmentation vendors
- Where historical microsegmentation tools have fallen short in the past, and the tools available today
- How you can gain visibility into your network using Microsegmentation
- AI and machine learning in the microsegmentation space
- And more!

Understanding Cyber Resilience: Why It’s Crucial for Your Business Now

Cyber threats are evolving—are your defenses keeping up? In the first episode of our series, we explored cyber resilience and how to stay operational in the face of attacks. Now, we’re taking it a step further.

From ransomware and advanced persistent threats to insider attacks, cybercriminals are finding new ways to infiltrate organizations.How do you defend against these threats? The answer is Network segmentation—a critical security strategy that isolates sensitive data and systems, limits damage, and enhances threat detection and response.

Join our experts as we explore:

-Top threats impacting cyber resilience, such as ransomware 
-Live demo showing how to prevent attackers exploiting network weaknesses
-Best practices for adopting stronger security measures.

Walk away with actionable insights to protect your business from emerging threats and ensure operational resilience.

Fortifying Cyber Resilience: Tackling Top Threats with Segmentation

Join us to understand how DDoS Attacks against the Financial Sector have moved from nuisance to strategic threat as well as how those same trends are impacting other industries. DDoS attacks have grown in complexity, scope and speed with many being driven by political vs cybercriminal goals, which require new risk analysis and protections. Financial Services Information Sharing and Analysis Center (FS-ISAC) and Akamai have teamed up to share:
 
• Trends in threat methodology, tactics, and motivations
• Attacks by region, infrastructure, and motivations 
• Best practices and maturity model to protect against DDoS

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Nuisance to Strategic Threat: DDoS Attacks Against the Financial Sector

Ransomware has quickly become one of the most severe threats to the financial sector, with attacks skyrocketing by 70% over the past year. Unlike typical cyber incidents, today’s ransomware assaults are multi-staged and highly targeted, designed to not only disrupt operations but also exfiltrate sensitive data and amplify pressure through direct outreach to clients and regulators. Financial institutions face unique risks, from compromised reputation to operational paralysis, and require tailored defenses to stay protected.

In this webinar, our cybersecurity experts will reveal FS-ISAC’s latest findings on ransomware trends and defense strategies tailored for finance. Attendees will learn to build resilient defenses, create rapid response plans, and navigate high-stakes decision-making, equipping them with the critical tools needed to secure their organizations.

What You’ll Learn:
- Anatomy of a Ransomware Attack: From initial breach to quadruple extortion, learn the stages and tactics that make ransomware so disruptive to financial firms.
- Defense Essentials: Key cybersecurity fundamentals—like Zero Trust policies, multi-factor authentication, and isolated, resilient backup solutions—to stop ransomware in its tracks.
- Crisis Management and Compliance: Build an agile incident response plan, manage communication with clients, and navigate global regulations to reduce impact.
- Informed Decision-Making: Weigh the complex risks and compliance factors in ransom payments, with guidance for safeguarding both your operations and reputation.

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our webinars.

Ransomware Readiness for Financial and Critical Industries

Join us for an exclusive webinar featuring a real-world success story from one of our customers who transformed their security posture through microsegmentation. In this live session, you’ll hear firsthand from Network Security Architect, Quynn Kars, and Network Security Engineer, Evan Martinez, on how they decided they needed a change, why their company chose microsegmentation, and how they compared pricing to legacy firewall options. Discover the strategic decisions, implementation best practices, and lessons learned throughout their journey—from initial planning and beyond. Whether you're just starting to explore microsegmentation or looking to optimize your existing approach, this webinar offers valuable insights and practical takeaways.

What You’ll Learn:
- Key drivers behind their decision to adopt microsegmentation
- Obstacles they encountered—and how they overcame them
- Tangible outcomes and metrics demonstrating success
- Recommendations for organizations considering microsegmentation

Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Hear from a Peer: A Segmentation Journey told by an Akamai customer

Security buyers face endless claims about protection efficacy — but how do you separate marketing from measurable reality?

In this session, SecureIQLab and Akamai break down the results of the industry’s only recurring, standards-based comparative WAAP test. Join Cameron Camp, Analyst Security Researcher and Akamai’s Brent Maynard, to learn how independent testing is conducted, why resiliency and false-positive avoidance matter as much as detection rates, and where most vendors still fall short.

We’ll share Akamai’s top-performing results, key market learnings, and the practical questions every security leader should ask when evaluating a WAF or WAAP. Walk away with actionable insights to validate your current defenses and strengthen your buying decisions.


Akamai is an approved ISC2 CPE Submitter Partner. Earn CPE Credits by watching our Webinar.

Independent Testing, Real Results: How Secure Is Your WAAP?

As apps and APIs spread across cloud, on-prem, and hybrid environments, securing them consistently can be a challenge.

Watch this on-demand session to explore Akamai App & API Protector Hybrid — and see how you can extend powerful WAAP capabilities beyond the Edge.

What you’ll learn:
- How to unify WAF policy enforcement across environments
- How to secure East-West and North-South traffic with built-in resiliency
- Strategies to simplify operations and reduce vendor complexity

Whether you're modernizing infrastructure or closing WAF coverage gaps, this session offers practical guidance to help protect what matters — wherever it runs.

Extend WAF Protection Across Environments

Companies are spending billions in AI, building apps like customer service chatbots and decision tools to help customers select the best products. And there is much riding on these apps – organizations expect these big investments to create revenue, streamline operations, and reduce costs. Unfortunately, along with the new opportunities come new threats.

AI-driven applications are non-deterministic, giving different results every time even when given the same input. And because of this, bad actors can manipulate and attack these apps in unique ways. These attacks often go unseen and undetected, so you could suffer significant damage before you realize what happened. In this talk, we’ll show you how you can protect yourself from these new dangers.

Find out:
- The most misunderstood risks of AI apps
- The most common attacks and how they hurt companies’ top and bottom lines
- How security teams and business leaders can partner successfully to get the most ROI from AI apps
- Questions to ask when evaluating AI Security solutions

Securing AI-Driven Apps: Stopping Attacks Before They Stop You

Dive into the crucial realm of API security with our second live episode, tailored for APAC and global tech professionals. 

We'll uncover hidden vulnerabilities in sophisticated APIs and provide a comprehensive view of the risks and defense mechanisms. This episode is not just an exploration but a practical guide to mastering API security in the digital age.

Join us for a live session for:
-Demo deep dive on Akamai API Security
-Proof-of-concept (POC) insights
-Customer Case studies
-Threat Hunting tactics
-Strategies for enhanced API Protection

For details on the first session of this API security series -https://www.brighttalk.com/webcast/17473/602219

API Security Exposed: APAC's Guide to Advanced Defense

APIs are the backbone of modern software development and data exchange today. As APIs become increasingly vital, so does the need to secure them effectively.
 
Join this live APAC tech workshop session to equip yourself with the knowledge and tools needed to ensure the discovery and integrity of your APIs. 

Learn how API Security:
-Is a critical component for organizations looking for protection from business logic threats and attacks
-Provides enterprise-wide discovery and threat detection
-Provides data rich insights to enable strong and customized responses
-Is easy to deploy, reducing time to value, and resources and time to deploy
-Integrates with your day to day work processes and systems
 
Watch a live demo of data scraping and user account takeover attacks and listen to real stories from the forefront of API attacks seen in the wild in our next session .Register today.-https://www.brighttalk.com/webcast/17473/602221

Live APAC workshop: Mastering API Security

Between hidden Magecart web skimming campaigns, API authentication vulnerabilities, and the continuous assault by malicious bots, 2023 kept cybersecurity professionals busy. 

Researchers from Akamai’s Security Intelligence Group (SIG) and executives from our Security Operations Command Centers (SOCCs) look back on some of the most important developments in cybersecurity of 2023 and weigh in on their top observations.

Join us to learn: 

•        Regional attack trends, including Asia Pacific & Japan
•        Front-line observations from Akamai’s Security Research and Operations Command
•        Looking ahead to 2024’s threat landscape

Don't miss out on our upcoming LIVE API security workshops. Register now!

•         Mastering API Security- https://www.brighttalk.com/webcast/17473/602219
•         API Security Exposed: APAC's Guide to Advanced Defense - https://www.brighttalk.com/webcast/17473/602221

Lessons from 2023 top cybersecurity stories & what’s to come in 2024

APIs have been essential components of digital transformation and innovation - from the move to the cloud to enhancing customer experiences. OpenAPIs, and adoption of microservices have all contributed to the rapid growth of APIs as well as the explosion of the API attack surface. This API blindspot is becoming the biggest security problem for today’s businesses.

In this webinar, you will

    -Learn the evolution of the application architecture in a digitally transformed world.
    -Understand OWASP Top 10 API Security Risks 2023, and API security best practices.
    -Explore mitigation strategies with Akamai API security.
    -Akamai API Security Demo.

Building an effective API security strategy to secure critical business apps

The year 2023 began with a thunderous display of cyber warfare as threat actors took center stage. In addition to the usual gang of cybercriminals, hackers and script kiddies, a very powerful category of malicious actors dominated cybersecurity headlines: State-sponsored actors and hacktivist groups, such as Killnet or the newly emerged Anonymous Sudan, unleashed chaos upon sectors such as banking, airports, healthcare, state institutions and universities.

In this current mix of threat vectors, DDoS attacks turned out to play a major role again. Sometimes serving as a smokescreen for more sophisticated attacks, such as data theft, sometimes as a blackmail instrument in a triple extortion attempt, or used as the main attack method to bring down poorly protected Internet properties that are part of critical infrastructure. Seven out of the 10 largest DDoS attacks Akamai has mitigated took place in the last 24 months, and the trend is pointing upwards. And attacks have not just gotten bigger, but also more sophisticated and targeted. Businesses can no longer assume that their DDoS defense is bulletproof.

Akamai provides one of the most widely used DDoS protection solutions in the world, seeing and analyzing more attack traffic than any other company. In this webinar, you will learn:

• What you need to know about latest DDoS trends
• What questions to ask to check if your own security posture is still sufficient
• What steps Akamai took to keep Prolexic, its DDoS protection platform, ahead of threat actors
• Why a new, universal Network Cloud Firewall was added to Prolexic – how it improves DDoS protection, and what it can do beyond DDoS
• What advantages our new local DDoS data centers offer to Indian businesses

Why DDoS attacks are back - and what Indian businesses need to know

In our previous session, we discussed how Akamai’s App and API protector streamlines the protection of your web applications and API in a dynamic and automated fashion.
  
In this workshop, we will take a closer look at how to gain visibility into which parts of your application you can protect, and how these controls are implemented.
 
Join us for a hands-on look at a streamlined approach toward integration and configuration workflows. We’ll also look at the power of Akamai’s security analytics and dashboards to help you investigate, mitigate and triage attacks.
 
We’ll walk you through how to:
• Discover and gain true visibility of API endpoints, to reduce your API attack surface
• Leverage Akamai’s automated self-tuning capabilities, or configure advanced controls for greater flexibility
• Manage security controls with a simple and intuitive GUI, or automate the process with Akamai’s Terraform provider, APIs, or the Akamai CLI
• Detect and mitigate malicious activity or unwanted bot traffic in real time

Next generation cloud security – A deeper dive into application and API security

In today’s connected world, securing web applications and APIs from a wide range of threats is critical for business success. These threats include web app business logic attacks, API abuse, and even sophisticated bot attacks.
 
Securing digital properties amid cloud journeys, modern DevOps practices, and constantly changing applications and APIs also introduces new complexities and challenges.
 
The next generation of cloud security must tailor its defenses against the latest threats, while dynamically mitigating any vulnerabilities from legacy frameworks and technologies. 
 
In this webinar, we will discuss how Akamai’s App and API Protector:
• Automatically adapts to evolving attacks, including application DDoS attacks
• Protects against OWASP top 10 threats 
• Provides unparalleled bot visibility and mitigation strategies  
• Supports simplicity in onboarding and maintenance through automated updates, self-tuning, and Akamai’s advanced API capabilities
• Empowers both developers and security teams with deep attack visibility

Next generation cloud security – Streamlining your application and API security

App and API Security | Akamai

With the rise in web applications and APIs, attacks targeting these systems continue to escalate. Cybercriminals are always on the lookout for zero-day vulnerabilities, and new threats are emerging every day. Therefore, it is imperative to stay abreast of the latest attack vectors and mitigation strategies. 

In this webinar, Akamai presents its research on the top web application and API attack trends. We will share insights on the current attack trends impacting the Asia Pacific and Japan (APJ) region collectively. Our research also covers where adversaries are focusing their attacks on and what their preferred attack techniques are. 

Join us for this session to understand: 
- Latest web application and API attack trends in APJ 
- Common attack vectors and techniques used by adversaries 
- Top countries and industry verticals affected by attacks 
- Recommended mitigation strategies

Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai
Moderator: Garion Kong, CISSP, CCSP, President, (ISC)² Singapore Chapter

Web Application and API Attack Trends to Look for in 2023

APIs

Web Application Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Web Application and API Attack Trends to Look for in 2023

Presented by

About this talk

Akamai APAC