The four products in scope are App and API Protector (in-line WAAP for WAF, bot, L7 DDoS, and inline API protections), Prolexic (dedicated network-layer DDoS scrubbing through global scrubbing centers), API Security (behavioral-analytics API security built from the Neosec acquisition), and Client-side Protection and Compliance (browser-side script monitoring with a PCI-DSS v4.0 compliance dashboard). Merito sells every product in this group and delivers the implementation, rule design, threshold tuning, and ongoing run.
Akamai portfolio
Runtime protection at the edge, sold and delivered by Merito.
Web and API runtime defense, dedicated DDoS scrubbing, behavioral API security, and client-side script monitoring under one Akamai program. Sold by Merito and operated with the rule design, threshold tuning, and incident-response discipline that turn a console into a working program.
Why Merito for Akamai
An Akamai engagement is rule design, threshold tuning, and runbook authoring. Merito is the team that does the work after the console is set up.
Akamai is runtime protection. The four products in this catalog sit at the edge or inside the browser, after code has shipped, defending the running application against attackers in real time. Programs that need shift-left scanning (SAST, SCA, IaC) buy that elsewhere. Akamai is the layer below those tools that catches what code review and policy enforcement cannot.
App and API Protector is the in-line WAAP, with WAF rules, bot management, L7 DDoS controls, and basic API protections in a single inspection plane. Prolexic is the dedicated network-layer scrubbing platform, sized for the largest attacks and operated by a 24/7 SOCC team. API Security is the behavioral-analytics platform built from the Neosec acquisition that finds shadow APIs and detects business-logic abuse the WAF is blind to. Client-side Protection and Compliance is the browser-side script monitor that addresses PCI-DSS v4.0 requirements 6.4.3 and 11.6.1 and gives security teams visibility into the third-party JavaScript surface that no other tool sees.
Merito's role on every Akamai engagement is the same. We sell the license. We design the WAF and bot rules so the program does not block its own customers. We tune Prolexic thresholds so a real attack triggers without false alarms during marketing pushes. We run the API Security discovery beat that produces the actual API inventory. We stand up the Client-side Protection compliance dashboard against the customer's PCI scope. And we stay on the program through the false-positive review cycles that decide whether a runtime program earns or loses developer and customer trust.
The Akamai toolchain
The Akamai runtime protection portfolio Merito sells and operates
Runtime protection
Edge-delivered, post-deploy defense across web, API, network, and browser surfaces. Layered with the customer's existing shift-left tools, not a replacement for them.
Runtime protection
Akamai App and API Protector
Edge-delivered Web Application and API Protection (WAAP) with WAF, bot management, L7 DDoS, and inline API protections under one policy. Hybrid edition extends the same WAF rules into multicloud and on-prem environments.
See product pageRuntime protection
Akamai Prolexic
Dedicated network-layer DDoS scrubbing through 32 global scrubbing centers with 20+ Tbps of capacity, always-on or on-demand routing, and a 24/7 SOCC. Pairs with App and API Protector for a layered L3 to L7 defense.
See product pageRuntime protection
Akamai API Security
Behavioral-analytics API security platform (built from the Neosec acquisition) that discovers shadow APIs, baselines normal behavior, and detects business-logic abuse no signature WAF will catch.
See product pageRuntime protection
Akamai Client-side Protection and Compliance
Browser-side script monitoring that addresses PCI-DSS v4.0 requirements 6.4.3 and 11.6.1, detects skimmer activity, and gives security visibility into the third-party JavaScript footprint.
See product pageMerito services
Merito services across the Akamai portfolio
01
Implementation
Akamai property setup, WAF and bot rule design, Prolexic routing, API Security discovery onboarding, and Client-side Protection compliance dashboard configuration.
02MAPS Assessment
AppSec program scoping for runtime protection alongside the customer's existing WAF, DDoS, API gateway, and shift-left tooling.
03DevOps Consulting
Edge property pipelines, version-controlled WAF policy in CI, and API Security findings flowing into the developer ticketing surface.
04Premium Support
Named engineer, priority SLAs, and release-window coverage for Akamai programs Merito implements.
05Managed Services
Ongoing rule tuning, false-positive review, threshold maintenance, and compliance-dashboard operating model.
06Training and Enablement
Akamai console training, WAF and bot rule authoring, Prolexic runbook walkthroughs, API Security analyst onboarding.
07Staff Augmentation
Merito-placed Akamai engineers embedded on long-running runtime-protection programs.
Akamai licensing
Buy Akamai from the partner that also writes the WAF rules and tunes the thresholds.
Runtime protection is rule design, threshold tuning, and runbook authoring. Buy the licenses through Merito and get the rollout, the operating model, and the ongoing run together.
Related solutions
Where Akamai connects to the rest of the Merito program
Application Security
Where Akamai's runtime layer fits inside Merito's broader AppSec program with Checkmarx, Snyk, Sonatype, Black Duck, and the rest of the catalog.
Read moreDevOps Toolchain
Edge property and WAF policy under version control, with API Security findings flowing into developer ticketing.
Read moreFrequently Asked Questions
Akamai FAQs
Consultation request
Talk to Merito about Akamai
Share the runtime surface you need to defend. A Merito Akamai specialist follows up within one business day with a recommendation grounded in your environment.
Full Akamai runtime portfolio
Licenses and delivery under one statement of work
Merito sells App and API Protector, Prolexic, API Security, and Client-side Protection and operates the program after the console is up.
MAPS-driven scoping
AppSec program scoping by Merito
MAPS Assessment sizes the runtime program before implementation begins, including coverage gaps, integration points, and operating-model design.
Next step
Pick the Akamai product that fits the runtime gap. Merito designs the rules and runs the operating model.
An Akamai conversation with Merito starts with what is already in front of the application, what attack surface the customer is most worried about, and where Akamai actually fits relative to the existing stack. We recommend the layer that closes the right gap.