Data AnalysisVerified

Akamai uses machine learning in its API Security product to automatically discover undocumented APIs across a customer's infrastructure and detect anomalous or malicious API traffic in real time. The product has been generally available and receives ongoing updates; a Q4 2024 update enhanced threat-blocking capabilities.

Details

API Security uses machine learning-fueled detection to identify API vulnerabilities, shadow APIs (undocumented endpoints), and attacks including those listed in the OWASP API Top 10. It continuously monitors API behavior, learns normal usage patterns, and flags deviations such as unusual request rates, unexpected endpoint access, or suspicious payloads. In 2025, Akamai added API LLM Discovery to automatically discover and tag AI-related API endpoints, including those connected to LLMs and Model Context Protocol servers.

Products affected

Akamai API SecurityAkamai App & API Protector

Sources & Evidence

Company Disclosure

Company DisclosureVerified

API Security | Akamai

Akamai·Jan 2025

https://www.akamai.com/products/api-security

Company DisclosureVerified

Major Enhancements to Akamai API Security, Q4 2024

Akamai Blog·Dec 2024

https://www.akamai.com/blog/security/major-enhancements-akamai-api-security-q4-2024

Other practices by Akamai Technologies

Data AnalysisAkamai uses machine learning models in its Akamai Hunt service to automatically detect suspicious movement of attackers through customers' internal networks, surfacing threats that evade traditional security tools. Human security experts then investigate each flagged event before alerting the customer.Data AnalysisAkamai uses AI in its Guardicore Segmentation product to automatically map how applications and devices communicate inside a customer's network, then generate ready-to-enforce security policies that limit attackers' ability to move between systems. Major AI-powered updates to this product were announced in April 2024 and March 2026.ModerationAkamai uses an AI framework in its Bot Manager product to automatically distinguish human web visitors from malicious automated bots across customer websites, apps, and APIs, assigning each request a bot-likelihood score in real time. This capability has been in production for multiple years and handles an average of 40 billion bot requests per day.

Have evidence about Akamai Technologies's AI practices? Submit a report.

Report a Sighting →