Guide
  1. Security Hub

Improve your posture score

Take action directly from Security Hub to improve protections and raise your security posture score. You see issues surfaced for your attention and can click through to make the following types of improvements:

  • Asset coverage. Make sure all your web assets (websites, apps, and APIs) are covered by protections.
  • Configuration optimization. Get the most out of protections you already set. Security Hub helps you tweak your security configuration, so settings are effective and thorough.
  • Protection coverage. Are you ready for all types of attacks? Ensure you've implemented all possible varieties of protections to counter diverse attack vectors.
šŸ“˜

After you make improvements, it may take time for your security posture score to reflect the positive changes you made. For changes where youā€™ve optimized your security configuration, youā€™ll see improved scores almost instantly following activation. For improvements to traffic handling, youā€™ll see changes in about 48 hours, as requests are handled and analyzed by your new setup.

Ensure all your assets are covered

Security Hub can help you make sure that your identifiable web assets (like websites, hostnames, APIs, AI apps, and more) are included in your protection setup. Specifically, whether assets are scoped within a match target with some protections applied.

To see and act upon uncovered assets:

  1. Open Security Hub.

  2. In the Improve your score section, click Asset coverage.

    A panel slides open showing a list of asset coverage issues.

  3. Click the dropdown to filter the list and see only:

    • Uncovered assets. Hostnames or APIs that arenā€™t scoped for any protections at all.
    • Partially covered assets. Hostnames or APIs that have some protections, but may be missing important settings.
    • Snoozed issues. Issues you put off for later by clicking snooze.

  4. To see an issueā€™s details, click its Review link.

  5. After you read about it, take action by clicking any of the following:

    • The Fix this button to open the security policy in a new tab, where you can take the recommended action.
    • The copy list link to copy a list of hostnames you want to add to a configuration.
    • A protection icon, like DoS or Web Application Firewall to open that protection page in the specified security policy.
    • The security policy name to open it and apply additional protections, or add hostnames to protection scope within the policyā€™s match target, or associate an unprotected hostname with the security configuration that contains the policy.
    • Click Snooze to postpone a fix and get reminded in a few days.

  6. Save changes and activate the security configuration.

Get the most out of your security setup

After youā€™ve set detections, there may be lots of ways to optimize and build upon the work youā€™ve done. Security hub shows them all to you within the Improve your score sectionā€™s Configuration optimization, which evaluates settings for the selected security configuration to make sure you're getting the most out of available options. For example, it checks which protections you turned on, and confirms that you set response actions to block bad requests, not just monitor them. In other words, it looks at the quality or effectiveness of your settings to surface misconfigurations, out-of-date detections, and other gaps you can easily fix.

  1. Open Security Hub.
  2. In the Improve your score section, click Configuration optimization
    A panel slides open showing a list of issues.
  3. Click the dropdown to filter the list and see only:
    • Critical issues. Protection shortfalls that leave you open to critical threats and require immediate action.
    • All issues. Open issues of all severities. Start fixing critical issues first, then work down through less severe problems.
    • Snoozed issues. Issues you put off for later by clicking snooze.
  4. To see an issueā€™s details, click its Review link.
  5. After you read about it, take action by clicking any of the following:
    • The Fix this button to open the security policy in a new tab, where you can take the recommended action.
    • The security policy name to open it and apply additional protections as instructed.
    • A protection icon, like DoS or Web Application Firewall to open that protection page in the specified security policy.
  6. Click Snooze to postpone a fix and get reminded in a few days.
  7. Save changes and activate the security configuration.

Cover all attack vectors

How do you protect against threats you donā€™t know about? Security Hub helps identify attack vectors you haven't set defenses for. Say your website lets customers upload files. Security Hub may advise you to set up malware protection to automatically scan and protect submitted files. These are likely security solutions you need but may not know about, like a dedicated solution designed to protect your siteā€™s AI chatbot for example. When Security Hub recommends adding a solution, you can explore and often try it out. Never hesitate to ask your account team about protection recommendations.

See and act upon protection coverage recommendations to bolster your web security protection and reduce exposure.

  1. Open Security Hub.
  2. In the Improve your score section, click Protection coverage.
    Youā€™ll see security solutions and protections you can add to your security configuration to better protect your assets.
  3. To learn more about any solution, click its Start Trial button. A detailed information page opens, which explains the solution and protections it offers.
  4. To get additional details from your account team, click Iā€™m interested.

Check AI Attack Insights

Use AI Insights to stay on top of emerging threats. This solution surfaces real-time detection and detailed analysis of potential security threats, so you can respond immediately. It uses advanced detection models developed by Akamaiā€™s Threat Research Team to identify unusual traffic patterns, potential malicious attacks, and suspicious anomalies. Learn more about AI Attack Insights

Set up and check alerts

Get notified about significant events as they happen. For example, know when thereā€™s a flood of requests that look like a DoS attack, so you can make sure rate limit controls are set to deny. Learn more about Web Security Analytics Alerts