All blog posts

Page 17

The Dept. of Know Live! web app & API sec. speaker series | Fastly

Christina Nguyen

The Dept. of Know Live! is a virtual speaker series designed to make you think differently about web app and API security. Each episode in March will feature a different guest for a 15-minute interview on some of the hottest topics in security today, followed by a live Q&A. Here’s what to expect.

Security

OSM uses CDN for instant updates | Fastly

Hannah Aubry

OpenStreetMap, a member of our open-source program, moved from a proprietary content delivery network to ours and saw improvements in speed, customizability, and innovation.

Customers
+ 3 more

With the launch of edge deployment, the Fastly Next-Gen WAF is first in the industry to offer a fully unified web app and API security solution

Sean Leach

The Fastly Next-Gen WAF (powered by Signal Sciences) protects apps wherever they live: on-premises, in containers, in the cloud, and — as of today — at the edge. This makes it the industry’s first and only unified WAF.

Security

Easier edge building with Fastly and Glitch | Fastly

Simon Wistow

Our new partnership lets you deploy Glitch apps to Compute@Edge, making it even easier to build high-quality, customized digital experiences on our edge cloud platform.

WebAssembly
Compute

Inside Fastly: a look at our vulnerability remediation process

Sandra Escandor-O’Keefe

In this post, we present a look at our vulnerability remediation and engineering team and how they were able to roll out a recent fix for a QUIC/H2O vulnerability in under two weeks.

Engineering
Security

Domain Inspector beta now available | Fastly

Dom Soegono

Domain Inspector provides you with real-time and historical views of domain-level traffic and performance. Reduce the need for complex data pipelines, improve load balancing decisions, or reach faster incident response times through our new domain-level visualizations and data sets.

Product
Observability

Fastly Academy: on-demand learning at your fingertips. | Fastly

The Customer Enablement Team

Fastly Academy, our new on-demand learning center, contains lessons for learners of all levels. It’s one more way we’re helping you work — and expand your skills — the way that fits you best.

Customers
+ 2 more

Open redirects: abuse & recs [Ex.] | Fastly

Fastly Security Research Team

Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you can do to prevent it.

Security

How to Secure your GraphQL

Fastly Security Research Team, Simran Khalsa

There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and controls can support a safer GraphQL implementation.

Engineering
Security

Bootstrap a Compute project with Fastly Fiddle

Mark McDonnell

The Fastly CLI now supports bootstrapping Compute projects using fiddles made in Fastly Fiddle as a template. This enables users to get a local developer environment up and running very quickly using one of many ready-made solutions from Fastly’s public code example library, which can then be adapted and customized for your own needs.

DevOps
+ 2 more

Cloud Deploy simplifies Compute@Edge projects | Fastly

Kailan Blanks

We’re introducing Cloud Deploy, a wizard that helps you start building on Compute by deploying and customizing templates, and sets you up with an automated deployment workflow and best development practices.

DevOps
+ 3 more

Fastly's 2021 in Review

David Belson

In this post, we’ll take a look back at the past year through the eyes of our edge cloud network to explore what we saw across new protocol adoption, security initiatives, network growth, and more.

Industry insights
+ 4 more

What benefits does "the edge" offer digital publishing? | Fastly

Bridget Lane

By bringing your content closer to the reader, you bypass the conventional cost and rules associated with server space and infrastructure maintenance, and you gain some additional benefits. Let’s explore them.

Performance
+ 2 more

Origin Inspector: Monitor origin traffic from the Fastly UI

Dom Fee

Origin Inspector provides you with a dataset and visualizations that offer real-time and historical visibility into responses delivered from your origin servers to our edge cloud. And we’re happy to say that it’s now in limited availability.

Product
+ 2 more

Log4Shell attacks (CVE-2021-44228) insights | Fastly

Fastly Security Research Team, Xavier Stevens, + 1 more

We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the situation. We also share our guidance around testing your environment against many of the new obfuscation methods that have been seen.

Industry insights
Security

WAF framework measures WAF effectiveness | Fastly

Fastly Security Research Team, Simran Khalsa, + 1 more

Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works.

Engineering
Security

Log4Shell exploit found in Log4j | Fastly

Fastly Security Research Team, Xavier Stevens, + 1 more

CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.

Security
Engineering

30 Years of Web: Building for Tomorrow

Lee Chen

The web’s infrastructure — and the applications we build on it — must constantly evolve to meet the ever-transforming expectations of modern and future end users. We’ve gathered five lessons today’s builders can use to drive the next three decades of the web.

Industry insights
+ 2 more

Grinch bots penalized w/ enriched security data & our edge cloud platform | Fastly

Brooks Cunningham

In this post, we’ll show how you can use information from an origin response to add an abuse IP address to our penalty box. We've been touting the promise of security at the edge, and this is just one example of what it can do.

Security
+ 2 more

Lies, stats, debunking Cloudflare | Fastly

Andrew Betts, Laura Thomson, + 1 more

A couple of weeks ago Cloudflare, one of our competitors, claimed that their edge compute platform is roughly three times as fast as Compute@Edge. The false claim is a great example of how statistics can be used to mislead.

Industry insights
Compute