All blog posts
Accelerate your digital transformation
Digital transformation is one of the most-discussed topics at executive events — but what does it really mean for businesses? We'll explore the right framework for businesses of all kinds to think through digital transformation, and how to move control and capability to the edge of your organization.
Surfacing Key Indicators of Account Takeovers
This post focuses on the key authentication events that financial services organizations should monitor to defend against account takeovers. We’ll also illustrate how utilizing a threshold-based approach enables organizations to identify irregular request patterns to spot fraudulent authentication and account activity.
Listening to Web Attacks Remixed!
Sigsci-sounds monitors attack and anomaly data and plays a sound for each type of attack or anomaly.
3 Key Takeaways from Altitude SF | Fastly
1.4 billion active monthly users, 10 billion requests per day, and 5.2 TB per second peak traffic — these are some of the staggering numbers we heard about at our 7th Altitude conference where customers, partners, and Fastlyans gathered to share experiences, exchange information and insights, and enjoy some tasty food and valuable networking. Here are a few themes from the event worth highlighting.
Introducing Platform TLS and Subscriber Provided Prefix
Today we’re announcing two new offerings on the Fastly platform: Platform TLS and Subscriber Provided Prefix. Both empower companies to provide fast, secure web experiences to their customers and end-users, while reducing the workload on their own internal teams. Large companies, such as those offering mass hosting or managing multi-brand portfolios, can now quickly and easily manage hundreds of thousands of certificates in bulk.
Testing HTTP freshness in CDNs
CDNs all use HTTP caching to optimize performance, but sometimes different CDNs do it in slightly different ways and that can make things more complicated for our customers. This blog post makes a case for CDN interoperability and introduces a common test suite to help identify differences between CDNs to start paving the way.
7 business uses for logging
To create effective logs, you first need to consider what you’re trying to achieve in capturing and maintaining logs. If you don't begin with a clear business goal and proactively plan your logging strategy, you take the risk that you’ll find yourself either without the data you need at a critical moment, or overloaded with extraneous information. Here are 7 ways you can use logs.
3 Common logging challenges
Effective logging requires thoughtful planning and consistent tuning and maintenance. Here are three of the biggest challenges of logging.
Patterns for authentication at the edge
Identity is a boring but necessary element of most website builds. Validating a user’s identity and access rights is something that is in the critical performance path, required site-wide, and often implemented in a bespoke way. Moving it to the edge improves performance, and can simplify your application architecture.
Fastly's Response to SegmentSmack
A remotely exploitable denial-of-service (DoS) attack against the Linux kernel, called SegmentSmack, was made public on August 6th, 2018 as CVE-2018-5390. Fastly was made aware of this vulnerability prior to that date through a responsible disclosure. As part of our initial investigation, Fastly discovered a candidate patch proposed by Eric Dumazet from Google to address this vulnerability. We discussed the vulnerability and the patch with Eric, reproduced the attack, validated the patch as a fix, and estimated the impact of the vulnerability to our infrastructure. We immediately deployed temporary mitigations where we were most vulnerable, while simultaneously preparing and rolling out a patched kernel to our fleet.
Elevating the user experience at Fastly
We’re excited to share several recent user experience updates that enhance WAF, Image Optimizer, and user management functionality in the Fastly control panel.
2018: What is Next for Fastly?
Since Fastly’s founding seven years ago, we’ve remained focused on scaling our business differently, with care and purpose. We’re building a talented team, and carefully select customers who share a similar vision – to create a better internet.
Hijacking the control flow of a WebAssembly program
While WebAssembly has already proven a fertile attack surface for the browser, as more web application code moves to WebAssembly from JavaScript there will be a need to research and secure WebAssembly programs themselves. The WebAssembly design obviates common classes of attacks that might be inherited from development languages like C and C++, but there is still some room for exploitation. This tutorial will cover control flow protection guarantees provided by WebAssembly, known weaknesses, and how to use clang control flow integrity (CFI) in WebAssembly programs to mitigate some risks around control flow hijacks.
Network Expansion Update: 51 POPs & 22 Tbps
We have been busy over the first half of the year launching POPs in Vancouver, Canada; Santiago, Chile; Buenos Aires, Argentina; and Mumbai and Chennai, India. Additionally, we’ve completed upgrade cycles to our POPs in Sydney and Melbourne, Australia; Paris, France; Madrid, Spain; Denver, Colorado; and Chicago, Illinois. This work brings the total global number of Fastly POPs to 51 along with 22 Tbps of connected network capacity.
Introducing Quick Value Packages
Keeping your digital presence continuously tuned, optimized, and secure to align with changing business and technical requirements can be time consuming. That’s why we’ve put together our Quick Value Packages — a collection of expert consulting services focused on performance, analytics, and security. Each one allows you to tap into Fastly’s expertise to keep up with the ongoing change and complexity of modern businesses — all while freeing up your IT and engineering resources. You’ll deliver quick wins and delight your teams, enabling you to focus on driving your business forward.
How to get Faster Websites With Early and Priority Hints
Websites still load too slowly. During the most critical time in the page load lifecycle, your connection is often almost totally idle. At Fastly, we’re watching a new technology that hopes to make better use of that critical first couple of seconds.
Early TLS at Fastly
While we started with an original intention to fully deprecate TLS 1.0 as early as 2015, we’re currently reporting that about 20% of our customers in total are still relying on TLS 1.0 and TLS 1.1. Providing breadth-of-access means that not everyone can upgrade their browser or phone, and for some users, Fastly is their gateway to web access. It’s a balance we’re trying hard to preserve and something that is central to who we are as a web enabler. Starting today, we’re taking a different approach to our TLS deprecation.
The headers we want
Manipulating HTTP headers is one of the most common things that Fastly customers do. Using the right combination of headers is one of the best things you can do for the security of your site, and also a significant contributor to performance.
Recent Drupal Vulnerabilities
Hours after Drupal released a patch in April, 2018, attackers had already created and shared proof-of-concept exploit code resulting in over one million vulnerable sites. This news came four weeks after disclosure of Drupalgeddon 2, which was another major remote code execution vulnerability. Installing patches and updating your WAF rules can help you prevent attackers from exploiting this vulnerability to take control of your servers.
How Sleeping Duck survived Shark Tank
Fastly customer Sleeping Duck appeared on Shark Tank in July 2017, which sparked a sudden influx of traffic to their site. In the following post, Tech Lead Matthew Vandenbossche discusses how they prepared for the event, and how Fastly helped.