Guests: Ari Weil | Matt Butcher
Companies: Akamai | Fermyon
Show Name: An Eye on AI
Topics: Edge Computing, Kubernetes

Edge computing promises lower latency and better performance, but it also expands the attack surface. How do you secure distributed workloads running across thousands of global locations without creating friction for developers? Matt Butcher, now VP of Product at Akamai and former CEO of Fermyon, and Ari Weil, VP of Product Marketing at Akamai, have an answer: WebAssembly’s battle-tested security model combined with Akamai’s layered protection approach.

WebAssembly wasn’t designed for edge computing—it was designed for survival. As Butcher explains, WebAssembly was built to run in the web browser, arguably the most hostile computing environment ever created. Browsers face constant attacks from malicious actors attempting to steal data, manipulate content, or exploit vulnerabilities. WebAssembly’s creators engineered it with a tremendously strong security sandboxing layer to protect users from these threats.

That same security model translates powerfully to server-side, cloud, and edge environments. Butcher notes that WebAssembly’s sandboxing is actually stronger than Docker’s. For Fermyon, this meant they could build a runtime that executes user-provided functions while remaining resilient against attacks targeting the WebAssembly layer itself, the underlying platform, and even the developers building on top of it. “We’ve carried that story from Spin’s early development through to Fermyon Wasm functions,” Butcher says, emphasizing how this security-first approach has been central to their platform since the beginning.

But runtime security is just one layer. Weil outlines Akamai’s comprehensive security philosophy, which spans four critical areas: application security, workload protection, access control, and infrastructure hardening.

Application security covers everything from websites to APIs and emerging MCP connections into data and application environments. Workload protection becomes essential once backend services and microservices connect—if anything malicious enters through the front end, Akamai’s systems work to contain or stop its spread before it escalates into a major incident.

Access control addresses a complex reality: developers need to upload code, commit to GitHub, and log into third-party services including LLM platforms for coding assistance. All these access points require monitoring and management. Weil’s team has focused on unifying signals across the application, workload, and access layers to create a coherent security posture.

Infrastructure security might seem unglamorous compared to AI-driven features, but recent internet outages have highlighted its critical importance. DNS vulnerabilities and misconfigurations have caused significant service disruptions. Akamai has invested heavily in automation to make infrastructure security invisible to developers while ensuring it remains rock solid and reliable.

This philosophy connects directly to their distributed computing vision. “We don’t believe compute should be centralized,” Weil emphasizes. “It should be distributed.” Fermyon’s platform validates this approach by showing customers how easy it is to develop and launch applications in a distributed model. But distributed computing only works at scale if it maintains reliability without creating operational complexity.

The combination of WebAssembly’s inherent security advantages and Akamai’s layered protection creates a platform where developers can move fast without compromising security. Automation handles the infrastructure concerns that used to create friction. The sandboxing protects against runtime vulnerabilities. And the layered approach ensures that even if one defense layer is breached, additional protections contain the damage.

For enterprises evaluating edge computing strategies, this represents a significant shift from legacy security models built around centralized perimeters. Edge-native applications require security that travels with the workload, adapts to distributed environments, and operates without constant manual intervention. WebAssembly’s browser-tested security model combined with enterprise-grade infrastructure protection offers exactly that combination.