Contenu connexe
Similaire à Integrating Security Controls into the Development and Delivery Pipeline (20)
Plus de Akamai Developers & Admins (20)
Integrating Security Controls into the Development and Delivery Pipeline
- 2. © AKAMAI - 2017
Where are you in your DevOps evolution to integrate
security controls into your pipeline?
- 3. © AKAMAI - 2017
For those down the DevOps path, is that
helping or hurting your app sec posture?
What changes have you had to make to
your app sec program as release velocity
has gone up?
- 4. © AKAMAI - 2017
Enabling DevOps Practices on Cloud Security Products
Recently Added
SIEM Integration & API for rapid feedback in
the systems, where your team works.
In 2018
Kona Site Defender critical Security
Configuration APIs
Fast Activation of Security Configuration and
Network List changes
“Give me real-time visibility and
insights!”
“I need to use my automation tools on
all components of my infrastructure!”
“Changes have to be fast!”
What are we Hearing?
- 5. © AKAMAI - 2017
SIEM Integration Product Concept
SIEM Connector retrieves security events
through OPEN API exposed by the ASEC.
Security events are retrieved in the SIEM
Connector in JSON format.
Once the SIEM Connector retrieves the security
events from ASEC, it process them and sends the
events to the SIEM.
Akamai Security Events Collector
(ASEC)
Customer Fire Wall
Security Events Generated at Akamai
Edge Servers in JSON Format
Pull Request
SIEM Connector
Authenticate
+
REST API
1
3
2
1
2
3
Pull Response
- 6. © AKAMAI - 2017
● Retrieve data in one of two modes:
Ø Offset-based:
Ø Time-based:
● SIEM API Specification published on Akamai Developer page1
1. https://developer.akamai.com/api/luna/siem/resources.html
SIEM API Overview
/siem/v1/configs/7777?from=1499835600&to=1499875200&limit=1000
/siem/v1/configs/7777?offset=1500390779
- 7. © AKAMAI - 2017
Kona Site Defender Critical Security Configuration APIs
Key Use Cases:
Add a new host for protection
Audit security configurations
Create custom rules as a virtual patch
- 8. © AKAMAI - 2017
Kona Site Defender Critical Security Configuration APIs
- 9. © AKAMAI - 2017
Fast Activation of Security Configuration and Network List Changes
Key Use Cases:
Fast deployment of security configuration and network list globally
Fast cancellation of my configuration activation that is underway
Fast fallback to previously activated configuration
Completion time estimation prior and during activation process
Automate fast activation of security configuration and network list changes