Security
Page 2
Detection as Code with Fastly's WAF Simulator
Being able to test and validate rule behavior is critical to a maintainable WAF. With our WAF Simulator, you can validate rules in a safe simulation environment.
It’s free, instant, and yours! Fastly’s free developer accounts are here
We’re excited to announce free developer accounts. You can instantly get started and take advantage of the most developer-friendly edge platform in the world.
Built with Fastly Spotlight: LeakSignal stops GenAI data leaks
Learn about how LeakSignal leverages Fastly's industry-leading edge cloud platform to power its cutting-edge data flow governance solution.
Fastly and Google partner to enhance your privacy while protecting Chrome users from online threats in real-time
We're excited to announce that Google Chrome is leveraging Fastly Oblivious HTTP (OHTTP) Relay to support the Standard protection mode in Chrome.
Time’s up! How RPKI ROAs perpetually are about to expire
In this post, we'll dig deeper into the mechanics of RPKI to understand how the cryptographic chain contributes to the effective expiration date of a ROA.
Active exploitation of unauthenticated stored XSS vulnerabilities in WordPress Plugins
We have observed active exploitation attempts targeting three high-severity CVEs: CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000.
Fastly drives improved internet routing security with global push to adopt RPKI
Fastly actively supports and participates in IETF, driving network security standards. Learn how we're enhancing routing security and improving industry standards for a safer Internet.
Chaotic Good: Resilience Stress Tests at the Edge
Getting started with chaos experimentation? In this post, we’ll walk through a small starter example experiment – verifying basic security assumptions on a website.
Creating industry-leading managed security commitments
Get proactive commitments to your security with Fastly’s industry-first Time to Notify SLA for its Managed Security Service customers.
Six years in a row: Fastly once again named Customers’ Choice for Cloud WAAP
Fastly has been recognized in the 2024 Gartner® Peer Insights™ Voice of the Customer for Cloud Web Application and API Protection.
Introducing effortless bot management for a better, safer web
See how Fastly's Bot Management targets malicious bots to protect your apps and website for a better user experience. Learn more about our bot management capabilities.
Stay ahead of attackers by pushing your security perimeter to the edge
An effective edge security strategy can provide significant benefits and protect organizations from the continually evolving threat landscape.
Are APIs the Key to Digital Innovation or a Trojan Horse?
In this new report, we surveyed 235 IT and cybersecurity professionals across Europe to shed light on the state of API security.
TLS: More secure; always fast
This post details the journey of improving the security of TLS private keys and improving the performance and efficiency of TLS handshakes along the way.
PCI DSS v 4.0 Everything to know before Mar 31, 2024
The PCI Security Standards Council announced Version 4.0, the latest iteration forces nearly every organization to update policies, procedures, and more.
A new level of security called for by the White House and Office of the National Cyber Director
The White House and Office of the National Cyber Director called for the adoption of memory safe languages, and we see a way for existing code be more memory safe as well.
How to Protect Against Credential Stuffing
In this post, we will discuss a low latency approach to detect these attacks by co-locating the password hashes in a KV Store, along with Compute on Fastly’s edge.
Threshold blocking best practices
Learn threshold blocking best practices and how it increases your WAF confidence so you can get into blocking mode faster.
BoringSSL to make TLS more secure
Replacing OpenSSL with BoringSSL was to reduce the frequency of CVE response and improve the security of our TLS termination system for our customers.
The evolution of blocking
Flexibility is required for confident blocking decisions that impact as little legitimate traffic as possible. Learn more about the evolution of blocking.
