LevelBlue & Akamai launch managed service for web app security
Service overview
The partnership introduces LevelBlue Managed Web Application and API Protection (WAAP), a security service built to provide adaptive, continuous protection to help mitigate risks and reduce the operational demands linked with securing web applications and APIs. The service incorporates Akamai's App & API Protector technology, featuring web application firewall (WAF), distributed-denial-of-service (DDoS) mitigation, bot protection, and foundational API security. This technology is integrated with expertise from LevelBlue's dedicated WAAP Operations team.
Against a backdrop of expanding application deployment and usage of APIs, organisations worldwide are facing increased challenges. Research from Enterprise Strategy Group highlights that the average number of web applications per organisation is expected to rise from 145 to more than 200 over two years. The proportion of organisations with over half of their applications using APIs is forecasted to climb from 32% to 80% over the same period.
Challenges for security teams
Security teams are contending with several critical challenges, including the need to discover application and API deployments, scale protections appropriately, swiftly identify and mitigate attacks, and ensure that security measures do not detract from performance. Added to these obstacles are staff shortages and a proficiency gap, with half of midmarket organisations reporting it is harder to secure web apps and APIs than it was two years ago. Many seek external support and more straightforward, consolidated solutions as environments grow more complex.
LevelBlue Managed WAAP aims to tackle these requirements by delivering measurable outcomes in security and simplifying operational processes.
Industry perspectives "Today, a surprising number of organisations rely on multiple tools that are not purpose-built for web application and API security - leading to complexity, silos, and rising costs," said Sundhar Annamalai, President of LevelBlue. "LevelBlue offers an alternative: proven services that consolidate and simplify protections with predictable investment. By combining LevelBlue's operational expertise with Akamai's proven technology, organisations can stay ahead of evolving threats and create cyber resilience for critical digital capabilities."
The service is available in two tiers, Essential and Advanced, giving organisations flexibility to select the level of support most suited to their requirements. Key features include: Round-the-clock support and advisory from a fully operational team of WAAP specialists
Automatic identification and classification of web applications and APIs, with scalable protection prioritised for exposed or sensitive data-handling assets
AI-powered threat detection combined with global threat intelligence to identify anomalies and adapt to emerging attack vectors
Expert-led, automated policy management to improve efficiency, reduce false positives, and align with contemporary DevOps workflows
The prevalence and complexity of online threats continues to increase. In 2024, Akamai reported witnessing over 311 billion web application attacks, highlighting the need for robust protection as organisations accelerate digital adoption and AI-powered attacks become more sophisticated. "In 2024 alone, Akamai saw over 311 billion web app attacks. As AI accelerates, threats are harder to spot, and security is tougher to control," said Rupesh Chokshi, Senior Vice President and General Manager of Akamai's Application Security Portfolio. "Akamai and LevelBlue's partnership gives customers access to a trusted, reliable team that combines industry-leading technology with the deep operational expertise of one of the world's largest MSSPs. It's a powerful combination with a flexible solution that can fast-track organisations to resilient protection and compliance."
Follow us on:
Share on:
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
4 days ago
- Techday NZ
LevelBlue & Akamai launch managed service for web app security
LevelBlue and Akamai have announced a partnership to deliver new managed web application and API protection services designed to aid organisations in consolidating, simplifying, and scaling their security operations. Service overview The partnership introduces LevelBlue Managed Web Application and API Protection (WAAP), a security service built to provide adaptive, continuous protection to help mitigate risks and reduce the operational demands linked with securing web applications and APIs. The service incorporates Akamai's App & API Protector technology, featuring web application firewall (WAF), distributed-denial-of-service (DDoS) mitigation, bot protection, and foundational API security. This technology is integrated with expertise from LevelBlue's dedicated WAAP Operations team. Against a backdrop of expanding application deployment and usage of APIs, organisations worldwide are facing increased challenges. Research from Enterprise Strategy Group highlights that the average number of web applications per organisation is expected to rise from 145 to more than 200 over two years. The proportion of organisations with over half of their applications using APIs is forecasted to climb from 32% to 80% over the same period. Challenges for security teams Security teams are contending with several critical challenges, including the need to discover application and API deployments, scale protections appropriately, swiftly identify and mitigate attacks, and ensure that security measures do not detract from performance. Added to these obstacles are staff shortages and a proficiency gap, with half of midmarket organisations reporting it is harder to secure web apps and APIs than it was two years ago. Many seek external support and more straightforward, consolidated solutions as environments grow more complex. LevelBlue Managed WAAP aims to tackle these requirements by delivering measurable outcomes in security and simplifying operational processes. Industry perspectives "Today, a surprising number of organisations rely on multiple tools that are not purpose-built for web application and API security - leading to complexity, silos, and rising costs," said Sundhar Annamalai, President of LevelBlue. "LevelBlue offers an alternative: proven services that consolidate and simplify protections with predictable investment. By combining LevelBlue's operational expertise with Akamai's proven technology, organisations can stay ahead of evolving threats and create cyber resilience for critical digital capabilities." The service is available in two tiers, Essential and Advanced, giving organisations flexibility to select the level of support most suited to their requirements. Key features include: Round-the-clock support and advisory from a fully operational team of WAAP specialists Automatic identification and classification of web applications and APIs, with scalable protection prioritised for exposed or sensitive data-handling assets AI-powered threat detection combined with global threat intelligence to identify anomalies and adapt to emerging attack vectors Expert-led, automated policy management to improve efficiency, reduce false positives, and align with contemporary DevOps workflows The prevalence and complexity of online threats continues to increase. In 2024, Akamai reported witnessing over 311 billion web application attacks, highlighting the need for robust protection as organisations accelerate digital adoption and AI-powered attacks become more sophisticated. "In 2024 alone, Akamai saw over 311 billion web app attacks. As AI accelerates, threats are harder to spot, and security is tougher to control," said Rupesh Chokshi, Senior Vice President and General Manager of Akamai's Application Security Portfolio. "Akamai and LevelBlue's partnership gives customers access to a trusted, reliable team that combines industry-leading technology with the deep operational expertise of one of the world's largest MSSPs. It's a powerful combination with a flexible solution that can fast-track organisations to resilient protection and compliance." Follow us on: Share on:
Techday NZ
08-08-2025
- Techday NZ
DDoS attacks surge 364% in APAC, driven by AI & hacktivists
Radware has reported a significant escalation in Distributed Denial of Service (DDoS) attack activity across the Asia-Pacific (APAC) region, with average attack volumes increasing by 364% compared to the previous year. The data from Radware's threat intelligence research, which encompasses information from the company's cloud and managed services along with publicly available data from the Telegram messaging platform, provides a detailed overview of recent trends and targets in network and application-based cyberattacks. Sharp escalation According to the company, the frequency and intensity of DDoS incidents are outpacing previous years in the region. Kenichiro Sasaki, Country Manager for Radware in Japan, noted the changing landscape of threats facing organisations: "Across APAC, there has been a sharp escalation in the frequency and intensity of cyberattacks and DDoS incidents are leading the charge. Multiple catalysts are driving the threat revolution, including geopolitical conflicts, bigger and more complex threat surfaces, and more sophisticated and persistent threats. Add to that the impact of Al, which is lowering barriers to entry, and what you have is a highly dynamic threat environment that demands equally dynamic defense strategies." The company's analysis reveals that, from 2023 to 2024, the average number of network DDoS attacks per customer increased by 72%. Service providers were the primary targets, receiving 55% of the attack volume, while the technology and gaming sectors followed with 21% and 11% respectively. Network-layer and application-layer attacks Network-layer DDoS attacks have increased threefold in average size during this period. Concurrently, Layer 7 (application-layer) DNS DDoS attacks have also grown considerably, with the number of DNS flood queries and malicious DNS volumes both rising by 93% over the previous year. The manufacturing sector was most impacted by these DNS flood activities, accounting for 43% of the malicious queries, while telecom and energy sectors comprised 40% and 14% respectively. Radware's research indicates that the broadening digital infrastructure in APAC, coupled with persistent global tensions and the emergence of advanced AI capabilities, are increasing the region's susceptibility to a diverse range of cyber threats. Hacktivist campaigns intensify Hacktivist-led cyberattack campaigns have maintained their momentum globally and regionally, with targeted DDoS attacks surging in response to ongoing political and ideological unrest. Data gathered from Telegram indicates a 20% global rise in hacktivist-claimed attacks between 2023 and 2024. Within APAC, India emerged as the most targeted country with 761 claimed attacks, followed by Indonesia with 614, Taiwan with 281, Thailand with 220, and Bangladesh with 188. The report identifies government institutions as the most commonly targeted group among hacktivists in the region, accounting for 17% of the activity. This was followed by the education sector at 12% and the finance sector at 9%. The threat actor known as Executor DDoS was the most active in APAC, laying claim to 513 DDoS attacks. This was followed by RipperSec with 467 attacks and NoName057(16) with 362 attacks. Industry perspectives The findings reflect broader industry concerns regarding the increasing complexity of cyberattacks and the involvement of AI, which is perceived as reducing the technical barrier of entry for attackers and enabling more frequent and complex campaigns. As the threat landscape evolves, the need for adaptable and advanced defensive strategies is highlighted across affected sectors such as service providers, technology, gaming, manufacturing, telecoms, and energy. Radware's intelligence underscores the ongoing challenges facing APAC organisations as they address the growing risks and implement strategies aimed at safeguarding their digital operations against a changing backdrop of cyber threats.
Techday NZ
07-08-2025
- Techday NZ
Teleport launches Secure MCP to protect AI enterprise workflows
Teleport has announced the general availability of its Secure Model Context Protocol (MCP) for use on the Teleport Infrastructure Identity Platform. The Secure MCP solution seeks to address new security challenges emerging from the rapid adoption of artificial intelligence across enterprises. Recent data from Enterprise Strategy Group indicate that 44% of enterprises have now deployed AI within their organisations. Teleport's Secure MCP is designed to provide security guardrails for AI systems as they interact with databases, MCP servers, and other forms of enterprise data. The Model Context Protocol is an open standard that enables AI models to connect with various tools, databases, or applications using a simplified, universal interface. This is intended to streamline integration in a manner akin to technology standards such as USB-C for physical devices. Despite these integration benefits, MCP was not originally intended with access control, which presents risks around unrestricted data access for AI models. Consequently, there is a need for mechanisms that can provide controlled, audited, and secure access to sensitive data. Teleport's Secure MCP responds to these needs by employing its Infrastructure Identity Platform, which extends existing trust frameworks to AI-based workflows. The platform enforces both Role-Based and Attribute-Based Access Controls (RBAC and ABAC) to manage the resources that large language models (LLMs) can access. Every session involving AI data access is logged, thereby contributing to regulatory compliance and audit readiness. Ev Kontsevoy, Chief Executive Officer of Teleport, commented on the development: "AI is terraforming how software is deployed in organizations. It shouldn't require a major public security incident to motivate business leaders to prepare for this impending challenge. Applying the same access control guardrails for AI, humans, and non-human identities accelerates AI adoption while locking in the protection needed to prevent unauthorized access of data. That's why we launched our secure MCP solution for Teleport, to enable enterprises to confidently unlock AI's innovation without falling prey to its security vulnerabilities and loopholes." Industry analysts have noted a concurrent rise in deployments of AI agents that operate within core enterprise systems, increasing the urgency for businesses to address identity and data security concerns. Todd Thiemann, Principal Analyst for Identity Security & Data Security at Enterprise Strategy Group, highlighted the pressing nature of these issues: "A wave of AI agent deployments that touch on core enterprise systems is in process, and identity teams need to be prepared. Recent Enterprise Strategy Group research showed that data privacy and security for AI agents were major concerns for enterprise security teams. Teleport's Secure MCP solution lays the groundwork for secure agent deployment and enables identity teams to get ahead of the game in securing their AI agent deployments." Secure MCP delivers several key architectural components for AI and MCP deployments. These include Zero Trust Networking, allowing only authenticated clients to interact with MCP servers over encrypted connections. A live MCP server inventory feature allows administrators to discover and register MCP tools across hybrid infrastructure environments automatically. Strict access control ensures that language models are only able to access resources for which they are specifically authorised, while the principle of least privilege means that authorisations are granted on a just-in-time basis for defined tasks. This minimises the potential risk of overprivileged or persistent access by AI models. Additionally, comprehensive audit trails provide a record of every attempt - successful or denied - by LLMs to access data. The extension of these security controls to MCP allows engineering teams to develop technology that incorporates AI without opening new avenues for unauthorised access to company data. By supporting both machine and user-driven LLM workflows, Teleport states its platform is positioned to accommodate a range of AI integration scenarios while maintaining a strong security posture. Follow us on: Share on:
