RSA 2025: AI Security, Zombie APIs, and the Next Wave of Threats

At RSA Conference 2025, Akamai’s presence wasn’t just about visibility—it was about leading the AI security conversation. In this interview, Steve Winterfeld, Advisory CISO at Akamai, outlines how the company is preparing customers for the real-world risks of adopting large language models (LLMs) and how ungoverned APIs are widening the threat landscape.

“AI is newer,” Winterfeld said, “but the challenges are familiar—just scaled differently. We’re seeing zombie APIs, rogue APIs, and now LLMs being introduced without the right security controls.”

Drawing from Akamai’s State of the Internet report, Winterfeld pointed to the proliferation of forgotten or untracked APIs, often published without security oversight. These so-called “zombie” or “ghost” APIs are being actively targeted with DDoS and abuse attacks. As enterprises begin experimenting with LLMs, they risk repeating these same missteps—opening new vulnerabilities that current security stacks aren’t equipped to handle.

This is where Akamai is stepping in. The company is extending its security approach to align with the evolving OWASP threat model, starting from web pages, moving through APIs, and now focusing on LLMs.

“When OWASP builds a Top 10 list for LLMs, it signals that these threats are no longer hypothetical,” Winterfeld noted. “We’re already seeing real impacts across infrastructure.”

Akamai’s defense strategy is layered. It includes visibility into where APIs live, detection of abnormal traffic behaviors, and segmentation techniques that limit the blast radius if something goes wrong. Above all, Winterfeld emphasized making informed mitigation decisions based on real telemetry.

“Once you understand the risk,” he said, “the next question is: have I made the right decisions to protect my infrastructure?”

As the security community races to keep up with AI adoption, Akamai’s stance is refreshingly pragmatic. It’s not about stopping AI—it’s about securing it before the blast radius grows.

For security leaders looking to stay ahead of the curve, the takeaway from RSA 2025 is clear: AI won’t wait. And neither will the attackers.
