Web Application and API Protection Capabilities Checklist
Web Application and API Protection Capabilities Checklist
Deploying a web application and API security solution while planning, implementing, or optimizing your
information security strategy will provide your organization with the ability to understand your unique risks,
target security gaps, and detect threats. You need a web application and API protection (WAAP) solution
that provides continuous visibility with comprehensive insights, and the full capability to identify and stop
the most sophisticated attacks.
This checklist can be used to assess vendor capabilities or as a list of requirements needed to implement
an effective WAAP solution.
Scalability to match traffic demands and Network layer [L3/4] distributed denial-
provide continuous protection without of-service (DDoS) mitigation with a zero-
loss of performance second service-level agreement
Architecture that can overcome the Visibility into who is attacking, the frequency
challenges of geographically of attacks, and the severity of attacks with
dispersed applications crowd-sourced attack intelligence across
the platform
1
AKAMAI CLOUD SECURITY SOLUTIONS: CHECKLIST
2
AKAMAI CLOUD SECURITY SOLUTIONS: CHECKLIST
Automatic discovery and profiling Rate controls (throttling) for API endpoints
of unknown and/or changing APIs based on API key
(including API endpoints,
characteristics, and definitions)
API network lists (allowlists/blocklists)
based on IP/Geography
Automatic inspection of XML
and JSON requests to detect
API lifecycle management
API-based attacks
with versioning
3
AKAMAI CLOUD SECURITY SOLUTIONS: CHECKLIST
Open APIs and the CLI to integrate Real-time dashboards, reporting, and
security configuration tasks into heuristics-driven alerting capabilities
CI/CD processes
The Akamai Intelligent Edge Platform gleans insight from millions of web application attacks,
billions of bot requests, and trillions of API requests every single day. This level of insight,
coupled with advanced machine learning and threat research, allows us to constantly improve,
catch new threats, and develop innovative capabilities.
Akamai’s web application and API security solutions will secure your organization against the
most advanced forms of web application, DDoS, and API-based attacks. Contact us today to
learn more about our WAAP solutions and to schedule a demonstration.
Akamai secures and delivers digital experiences for the world’s largest companies. Akamai’s intelligent edge platform surrounds
everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely
on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multicloud architectures.
Akamai keeps decisions, apps, and experiences closer to users than anyone — and attacks and threats far away. Akamai’s portfolio of
edge security, web and mobile performance, enterprise access, and video delivery solutions is supported by unmatched customer
service, analytics, and 24/7/365 monitoring. To learn why the world’s top brands trust Akamai, visit akamai.com, blogs.akamai.com, or
@Akamai on Twitter. You can find our global contact information at akamai.com/locations. Published 11/20.