One thing that really surprised me was how effective the behavioral-based detection is in identifying the anomalies that traditional rule-based systems might miss. It gives much better visibility into how APIs are actually being used in real-world scenarios. I also found that the API discovery feature was very useful, especially in identifying shadow or undocumented APIs, which are often overlooked but can introduce significant security risks. In terms of improvement, one area I feel could be enhanced is more granular customization in policy tuning and clearer visibility into how certain behavioral decisions are made. This would help in faster fine-tuning and reducing false positives more efficiently. Overall, the platform is very strong in providing visibility and proactive security, but adding more flexibility and transparency in controls could make it even more effective. Akamai API Security is a strong platform, especially in terms of visibility and behavioral-based detection. One area where I feel it can be improved is in simplifying policy tuning and configuration. Sometimes, fine-tuning policies for specific API behavior can take time, so having more intuitive controls or guided recommendations would make it easier for operational teams. Another improvement could be providing more detailed insights into how the behavioral decisions are made. This would help in better understanding why certain traffic is flagged as anomalous and would make troubleshooting faster. Additionally, enhanced reporting and dashboard customization would be helpful, especially for generating customer-facing insights and governance reports. Overall, making the platform more user-friendly and improving visibility into decision-making would further enhance its effectiveness. In addition to the current capabilities, I think there are a few areas where Akamai API Security can evolve further. One key improvement would be deeper integration with application context, such as understanding user roles, authentication flows, and business logic. This would help in detecting more advanced threats such as privilege abuse or business logic attacks. Another area would be more AI-driven recommendations for policy tuning. For example, suggesting optimal rate limits or automatically adjusting policies based on traffic patterns could reduce the manual effort and improve efficiency. I also feel that enhanced integration with SIEM and other security platforms would be beneficial, allowing better correlation of API security events with overall security incidents. Additionally, more customizable and exportable reporting features would help governance and customer-facing reporting. Overall, the platform is very strong. Adding more intelligence, automation, and integration capabilities would make it even more powerful for enterprise environments.
I believe Akamai API Security could be improved specifically in the integrations so that they can be executed more effectively with platforms such as a SIEM or SOAR, which would help me automate workflows for incident response. Another important improvement I consider necessary for the platform would be the ability to customize dashboards for executive reports on demand from the customer. I do not consider any other improvements necessary for Akamai API Security beyond the ones I have already mentioned.
I believe Akamai API Security could be improved specifically in the integrations so that they can be executed more effectively with platforms such as a SIEM or SOAR, which would help me automate workflows for incident response. Another important improvement I consider necessary for the platform would be the ability to customize dashboards for executive reports on demand from the customer. I do not consider any other improvements necessary for Akamai API Security beyond the ones I have already mentioned.
Incident Manager at a computer software company with 1,001-5,000 employees
Real User
Top 5
Feb 2, 2026
The tool is blocking and only the person who has access to the tool can actually see how many DDoS attacks were blocked. Since I do not log in to the portal myself, I am unaware of this capability. I heard the word Akamai's anomaly detection from my team that they use this, but I don't know about it on the technical aspect. I am unaware of Akamai API Security's ability to adjust security policies in real-time. I am also unaware of which feature of Akamai API Security has helped us monitor API usage trends. Someone who is actually hands-on using Akamai API Security might know this.
Senior Engineering Manager Cybersecurity at a computer software company with 1,001-5,000 employees
Real User
Top 5
Dec 13, 2024
The challenge I found was with contextualization and how analytics are generated. Reports were sent in a raw format without proper analytics. There was no mechanism to identify which APIs will always have PII information, such as those with PCI data. Tuning to skip known APIs wasn't available.
Platform Engineer at a retailer with 10,001+ employees
Real User
Oct 27, 2023
It would be beneficial to use machine learning and API throttling together to identify how the APIs are called and whether it's coming from the right person or the wrong person. Akamai is developing that type of feature called URL protection, which is a mixture of API throttling and machine learning. Before blocking everything, this feature would check and first block requests coming from a hosting provider with a bad reputation.
Akamai API Security offers a comprehensive set of features designed to improve API security posture, including automated API discovery and anomaly detection, ensuring robust data protection and minimized response times.Focused on safeguarding public-facing APIs, Akamai API Security provides full visibility into undocumented APIs and detects abnormal traffic patterns, minimizing unauthorized access and data exposure. Integration with tools like Bot Manager Premier and DDoS protection allows...
One thing that really surprised me was how effective the behavioral-based detection is in identifying the anomalies that traditional rule-based systems might miss. It gives much better visibility into how APIs are actually being used in real-world scenarios. I also found that the API discovery feature was very useful, especially in identifying shadow or undocumented APIs, which are often overlooked but can introduce significant security risks. In terms of improvement, one area I feel could be enhanced is more granular customization in policy tuning and clearer visibility into how certain behavioral decisions are made. This would help in faster fine-tuning and reducing false positives more efficiently. Overall, the platform is very strong in providing visibility and proactive security, but adding more flexibility and transparency in controls could make it even more effective. Akamai API Security is a strong platform, especially in terms of visibility and behavioral-based detection. One area where I feel it can be improved is in simplifying policy tuning and configuration. Sometimes, fine-tuning policies for specific API behavior can take time, so having more intuitive controls or guided recommendations would make it easier for operational teams. Another improvement could be providing more detailed insights into how the behavioral decisions are made. This would help in better understanding why certain traffic is flagged as anomalous and would make troubleshooting faster. Additionally, enhanced reporting and dashboard customization would be helpful, especially for generating customer-facing insights and governance reports. Overall, making the platform more user-friendly and improving visibility into decision-making would further enhance its effectiveness. In addition to the current capabilities, I think there are a few areas where Akamai API Security can evolve further. One key improvement would be deeper integration with application context, such as understanding user roles, authentication flows, and business logic. This would help in detecting more advanced threats such as privilege abuse or business logic attacks. Another area would be more AI-driven recommendations for policy tuning. For example, suggesting optimal rate limits or automatically adjusting policies based on traffic patterns could reduce the manual effort and improve efficiency. I also feel that enhanced integration with SIEM and other security platforms would be beneficial, allowing better correlation of API security events with overall security incidents. Additionally, more customizable and exportable reporting features would help governance and customer-facing reporting. Overall, the platform is very strong. Adding more intelligence, automation, and integration capabilities would make it even more powerful for enterprise environments.
I believe Akamai API Security could be improved specifically in the integrations so that they can be executed more effectively with platforms such as a SIEM or SOAR, which would help me automate workflows for incident response. Another important improvement I consider necessary for the platform would be the ability to customize dashboards for executive reports on demand from the customer. I do not consider any other improvements necessary for Akamai API Security beyond the ones I have already mentioned.
I believe Akamai API Security could be improved specifically in the integrations so that they can be executed more effectively with platforms such as a SIEM or SOAR, which would help me automate workflows for incident response. Another important improvement I consider necessary for the platform would be the ability to customize dashboards for executive reports on demand from the customer. I do not consider any other improvements necessary for Akamai API Security beyond the ones I have already mentioned.
The tool is blocking and only the person who has access to the tool can actually see how many DDoS attacks were blocked. Since I do not log in to the portal myself, I am unaware of this capability. I heard the word Akamai's anomaly detection from my team that they use this, but I don't know about it on the technical aspect. I am unaware of Akamai API Security's ability to adjust security policies in real-time. I am also unaware of which feature of Akamai API Security has helped us monitor API usage trends. Someone who is actually hands-on using Akamai API Security might know this.
More features would be beneficial.
The challenge I found was with contextualization and how analytics are generated. Reports were sent in a raw format without proper analytics. There was no mechanism to identify which APIs will always have PII information, such as those with PCI data. Tuning to skip known APIs wasn't available.
It would be beneficial to use machine learning and API throttling together to identify how the APIs are called and whether it's coming from the right person or the wrong person. Akamai is developing that type of feature called URL protection, which is a mixture of API throttling and machine learning. Before blocking everything, this feature would check and first block requests coming from a hosting provider with a bad reputation.