What threat intelligence feeds are used by Akamai, and how do they compare to other service providers?

The majority of the threat data in Akamai’s Cloud Security Intelligence comes from data collected on the Akamai platform. Akamai delivers and protects around a third of global web traffic, and it resolves two-thirds of the world’s DNS queries daily. This gives Akamai an unprecedented view of the threat landscape. They augment their data with a few third-party threat intelligence feeds and public information, such as WHOIS and domain registration details. All of this data is analyzed using proprietary algorithms that can quickly identify malicious domains contained in this large volume of data. Additionally, the Akamai threat research team further analyzes the data sets, as there are certain types of threats that an automated machine learning process will not easily detect.

The MS-ISAC Cyber Threat Intelligence (CTI) team also feeds MDBR with near real-time threat information. The CTI team in coordination with the MS-ISAC Security Operations Center (SOC) and Cyber Incident Response Team (CIRT) is able to see actual attack data against SLTTs and quickly incorporate those Indicators of Compromise (IoC) with the MDBR platform to protect all SLTTs that take advantage of this service.