devops

Build Transformative Security with AI-Powered WAF Detections

Published: (March 10, 2026 at 08:00 AM EDT)
7 min read
Source: Linode Blog

Source: Linode Blog

Security

Build Transformative Security with AI‑Powered WAF Detections

Danielle Walter
Danielle Walter is an active advocate of IT professionals worldwide, leading their organizations’ growth through innovative IT transformation. She was a subject‑matter expert on messaging/branding for cloud providers before specializing in security. She enjoys collaborating on thought leadership within the industry and speaking at events. As a certified sommelier, Danielle savors her free time by exploring new wine, food, and destinations.

Cyberattacks are growing smarter and more relentless. In today’s environment, threat actors leverage AI to scale attacks across multiple vectors, automate reconnaissance, and iterate on exploit techniques at machine speed.

At Akamai, we’ve always met that evolution head‑on.

Akamai Adaptive Security Engine is at the core of Akamai App & API Protector and delivers automated, accurate, and regularly updated protections powered by machine learning, global intelligence, and expert threat research — forming one of the industry’s most advanced web‑application and API protection (WAAP) defenses.

Today, we’re building on that foundation to prepare for the fast‑changing tomorrow.

Advancing the Adaptive Security Engine for the AI era

We are introducing AI‑powered web application firewall (WAF) detections, an enhancement to Adaptive Security Engine that expands its ability to rapidly detect new web attacks from network traffic and release protections faster.

  • With Akamai, you gain security that continuously evolves with today’s threat landscape, without adding operational complexity. Protections are automatically updated and fine‑tuned, so your teams stay ahead of emerging threats while reducing manual effort and false positives.
  • You benefit from deeper, more precise detection that identifies sophisticated and evasive attacks across application and API traffic — including zero‑days and advanced exploit techniques — before they disrupt your business.
  • App & API Protector has always delivered a distinct intelligence advantage that strengthens your security posture, improves accuracy, and helps you innovate with confidence. It will continue to provide that advantage in today’s evolving threat landscape.

Adaptive Security Engine outsmarts evasive attacks

Figure 1 – Screenshot of a request from Akamai. The User‑Agent string has “PentestAgent” highlighted in yellow, indicating an attack by an AI‑driven pen‑test tool. Adaptive Security Engine identified previous Structured Query Language injection (SQLi) attacks from this client.

The request used SQL comments inside an SQL keyword SLEEP. This technique doesn’t successfully execute in a database because the comment is interpreted as a space character. The example shows how AI will boost firepower for attackers in the future — and how Akamai is ready to defend.

The release of this AI‑powered advancement builds on the proven strength of our core technology to accelerate how our protection evolves to meet AI‑driven threats.

New detections — and why they matter

AI‑powered WAF detections augment our leading WAAP solution with a system trained to identify malicious patterns.

Using traffic observed across critical applications and APIs worldwide, we built and trained AI models capable of:

  • Generating precise attack‑prevention logic
  • Identifying novel attacks
  • Recognizing suspicious attack behavior

These detections combine:

  • Self‑learning, internally developed discriminative and generative AI models
  • Platform‑scale traffic intelligence
  • Structured validation processes
  • Human threat‑research oversight

The result is an expanded detection layer that strengthens Adaptive Security Engine without replacing or undermining it.

Figure 2 – AI‑powered detections identified an SQLi attack. The request was flagged as suspicious by other security controls because it originated from a bot and had historical evidence of suspicious traffic on the platform.

This is just the start. During our research and validation phase, we found that the system is surfacing other types of attacks, such as parameter pollution or suspicious activities like probing scans.

What it means to be autonomous — and why autonomy matters

Being autonomous does not mean replacing our human threat‑detection expertise. It means accelerating protection‑evolution cycles beyond manual limits.

Advantages of an autonomous system

  1. Continuously analyzes live traffic patterns.
  2. Generates candidate detections.
  3. Validates those detections against real platform traffic.
  4. Surfaces only high‑confidence protections for expert review.
  5. Safely deploys approved protections.

Autonomy shortens the time between:

Attack innovation → Detection creation → Production mitigation

In an AI‑driven threat landscape, compressing that cycle is a strategic advantage. Akamai WAAP has always been adaptive and automatic; AI‑powered WAF detections increase the speed and precision at which that adaptation occurs.

In addition to increased autonomy, our testing has shown a zero false‑positive impact. Each deployment candidate must prove measurable value befo (text truncated in source).

Re‑release. Protections are introduced only once they are validated across diverse traffic conditions, minimizing disruption while maximizing impact.

Another important feature is that this advancement is designed for safe, parallel execution with minimal performance impact. AI‑powered detections run alongside core detections and rapid rules — not interfering with our customer‑loved penalty‑box logic. Customers retain full visibility of the detected attacks and maintain the flexibility to configure protection according to their risk appetite.

Operationally simple, technically powerful

This enhancement to the Adaptive Security Engine reinforces our commitment to simple security operations.

  • Included for all App & API Protector customers
  • No additional licensing or complex configuration
  • Flexible deployment modes (alert or deny)
  • Precise detections that eliminate the need to fine‑tune for unique application implementations
  • Full transparency and visibility in Web Security Analytics

Responsibly building the future of adaptive defense

Attackers are leveraging AI to increase scale and sophistication. Defenders must respond with equal speed and greater discipline.

AI‑powered WAF detections use internally developed models that keep safety and reliability as core principles. The models are trained on Akamai network data—specifically attack records and traffic logs—processed by data‑operations that adhere to industry‑compliant standards such as:

Data is used only after comprehensive anonymization and end‑to‑end encryption, and it is kept segregated with strict access controls to prevent unauthorized retrieval or query access.

The AI‑initiated protection updates undergo several inspections to ensure system stability, security, and performance are not compromised. These inspections are automated but carefully overseen by human subject‑matter experts, including our threat‑research and security‑operations teams.

By augmenting our core technology engine with AI‑powered WAF detections, we are:

  • Strengthening protection against complex attacks
  • Leveraging Akamai’s intelligence advantage across global traffic
  • Preserving expert oversight and operational trust

A transformational step in protection

This release represents a transformational step. Adaptive protection has always been the foundation of App & API Protector. AI‑powered WAF detections extend that foundation, increasing detection depth, accelerating response cycles, and reinforcing protection for the critical apps and APIs you deliver every day.

Get started

Experience AI‑powered WAF detections in action with a free trial of App & API Protector — and step confidently into autonomous application security.

Author

Danielle Walter

Danielle Walter is an active advocate for IT professionals worldwide, leading their organizations’ growth through innovative IT transformation. She was a subject‑matter expert on messaging/branding for cloud providers before specializing in security. She enjoys collaborating on thought leadership within the industry and speaking at events. As a certified sommelier, Danielle savors her free time by exploring new wine, food, and destinations.

Tags

Security

  • Post‑Quantum Cryptography Beyond TLS: Remain Quantum Safe
    March 2, 2026 – Learn how the quantum threat extends beyond TLS — and why organizations must act now to protect their entire cryptographic infrastructure.

  • When Uptime Is Non‑Negotiable: Rethinking Zero Trust for OT Environments
    February 23, 2026 – Struggling with OT security? Discover how Akamai Guardicore Segmentation and NVIDIA BlueField DPUs integrate to enforce Zero Trust and safeguard against cyber‑threats.

  • From Clawdbot to OpenClaw: Practical Lessons in Building Secure Agents
    February 18, 2026 – OpenClaw’s rapid rise exposed gaps in agent security. Learn how its security failures map to the OWASP Top 10 for Agentic Applications and how to secure AI agents.

0 views
#devops #cloud #linode
View source
Share:
Back to Blog

Related posts

Read more »

Welcome to Container Harbour! 🚢 Ep.1

Episode 1: Welcome to Container Harbour! 🚢 Listen. LISTEN. We Need to Talk About Your Apps. 🎤 You know what cracks me up? Every time someone asks “What IS Ku...