Overview

This repo contains the scripts necessary to parse Akamai property and redirect configs and ingest them into Neo4j. It is a starting point to help visualize your external attack surface within Akamai.

LinkedIn Blog post

Setup Neo4j

1. Download and install Neo4j: https://neo4j.com/docs/desktop-manual/current/installation/download-installation/
2. Create and start database (version 5.7.0: https://neo4j.com/docs/desktop-manual/current/operations/create-dbms/
3. Install APOC: https://neo4j.com/docs/apoc/5/installation/

Download Akamai credentials

1. Create and download akamai credentials: https://techdocs.akamai.com/developer/docs/set-up-authentication-credentials

NOTE: These values will be used in your .env

Install and run the app

1. Install python3: https://www.python.org/downloads/
2. Install poetry: https://python-poetry.org/docs/#installation
3. Install nodestream: https://nodestream-proj.github.io/nodestream/0.5/docs/tutorial/
4. Generate a new nodestream project
5. Add nodestream-akamai to your project dependencies in your nodestream projects pyproject.toml file.
6. Install necessary dependencies: poetry install
7. In nodestream.yaml add the following:

plugin_config:
  akamai:
    base_url: !env AKAMAI_BASE_URL
    client_token: !env AKAMAI_CLIENT_TOKEN
    client_secret: !env AKAMAI_CLIENT_SECRET
    access_token: !env AKAMAI_ACCESS_TOKEN
    # If you are using an akamai account key add the following line:
    account_key: !env AKAMAI_ACCOUNT_KEY
targets:
  my-db:
    database: neo4j 
    uri: bolt://localhost:7687
    username: neo4j
    password: neo4j123

1. Set environment variables in your terminal session for: AKAMAI_BASE_URL, AKAMAI_CLIENT_TOKEN, AKAMAI_CLIENT_SECRET, AKAMAI_ACCESS_TOKEN and if using an akamai account key AKAMAI_ACCOUNT_KEY.
2. Verify nodestream has loaded the pipelines: poetry run nodestream show
3. Use nodestream to run the pipelines: poetry run nodestream run <pipeline-name> --target my-db

Using make

1. Install make (ie. brew install make)
2. Run make run

Install Bloom visualization

1. For detailed instructions on how to import a perspective: https://neo4j.com/docs/bloom-user-guide/current/bloom-perspectives/perspective-creation/
2. Download the perspective to a file https://github.com/ccloes/neo4j-akamai/blob/main/Bloom_Perspective.json

Using the saved cypher queries

1. Type show endpoint <some.fqdn.com> (this will show that endpoint and the relationships to it)

• 

1. Type show akamai graph (this will show the current akamai data loaded in the graph)

• 

1. Type show schema (this will show the graph schema and how the nodes relate and their relationships)

• 

Schema visualization

Arrows.app link

Authors

• Zach Probst
• Chad Cloes
• Bryan Norman
• Gabe Gallagher
• Stuart Macleod
• Grant Hoffman