Akamai Technologies has released the Defenders’ Guide 2025: Fortify the Future of Your Defense. This first-of-its-kind State of the Internet (SOTI) report delivers practical research, including new findings on risk scoring, VPN abuse, and advanced malware techniques to help organizations strengthen their cybersecurity posture. For CISOs, it integrates the security-in-depth framework with proactive measures to help form a firm foundation for research-driven cybersecurity strategies.
“This guide stands as a reminder of the importance for CISOs to incorporate research into their overall cyber strategy. Leveraging leading-edge technical analyses of attacks to inform people, process, and technology enables organizations to mitigate risk within an increasingly complex digital landscape. This approach can ultimately reduce costs by optimizing our security investments and reducing the risk of costly incidents,” said Boaz Gelbord, Senior Vice President and Chief Security Officer at Akamai. “In essence, a research-driven strategy enables security teams to calibrate their program to the latest developments and build a pragmatic and relevant program to their threat landscape.”
The report offers security practitioners insights from cybersecurity experts and data scientists who are working on the front lines to combat threats on a daily basis. The Defenders’ Guide takes a different approach than conventional reports, delivering actionable intelligence rather than abstract trends.
“The cybersecurity industry has traditionally published major threat reports to serve CISOs and leaders of cybersecurity — and that’s important. What’s equally important is an annual report for first-line defenders. The Defenders’ Guide is exactly that — and it's the first of its kind in the industry. It gives defenders a comprehensive, centralized resource that consolidates new findings and best practices to stay ahead of emerging threats,” said Mitch Mayne, head of Cybersecurity Research at Akamai. “By synthesizing top-tier research, we not only empower cyber defenders with crucial insights, we also enable them to more efficiently allocate their limited time and resources toward the most impactful advancements in the field.”
Key highlights from the Defenders’ Guide 2025:
Risk management
• A new risk-scoring model quantifies organizational vulnerabilities by evaluating application importance, network complexity, and likelihood of compromise. Recommendations include endpoint impact analysis, segmentation strategies, and methods for mitigating both internal and external risks.
• Malware metamorphosis provides insights into botnet families like NoaBot and RedTail by highlighting advanced tactics such as peer-to-peer architectures and fileless malware. The report offers practical steps for mitigating these threats, including patch management and employee training.
Network architecture
• New VPN abuse research reveals vulnerabilities in VPN appliances exploited by advanced threat actors. Solutions include adopting secure LDAP protocols, custom encryption, and firmware updates.
• Cross-site scripting (XSS) research demonstrates the critical need for layered defenses to address vulnerabilities in user input processing.
Host security
• Analysis of six Kubernetes vulnerabilities from 2023–2024 outlines the risks of command injection attacks. The report emphasizes proactive patching and vigilance against emerging threats in containerized environments.
