Security
Page 7
Fastly named Customers' Choice for Web App and API Protection four years in a row | Fastly
With this year’s achievement, we are the only vendor to be named a Customers’ Choice in the Gartner Peer Insights™ “Voice of the Customer” Web Application and API Protection report for four years in a row with an average rating of 4.9 out of 5.0 stars.
Dept. of Know Live: Omar on building secure apps the easy way | Fastly
Betterment Staff Security Engineer Omar joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why building more modern applications means building secure ones, and how we can get there. In this blog post, Omar shares highlights from the conversation.
Dept. of Know Live: Sounil Yu on DIE security model | Fastly
JupiterOne CISO and Head of Research Sounil Yu joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how to make security an enabler of innovation. In this blog post, Sounil shares highlights from the conversation.
Defense-in-Depth Security for Web Apps | Fastly
While there’s no magic answer to stop all cyberattacks, there are a number of principles used in a defense-in-depth strategy that can be put in place ahead of a possible attack to limit its impact.
Dept. of Know Live! 4 highlights from Rinki Sethi's chat on modern security | Fastly
Former Twitter CISO Rinki Sethi joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about what success in modern security means. In this blog post, Rinki shares four highlights from the conversation.
Custom response codes for Fastly WAF | Fastly
With the introduction of custom response codes, our edge cloud network can now pick up response codes from the Fastly Next-Gen WAF and take custom action at the edge — without the need to create advanced rules. That means more customized, more efficient security for our customers.
The Dept. of Know Live! web app & API sec. speaker series | Fastly
The Dept. of Know Live! is a virtual speaker series designed to make you think differently about web app and API security. Each episode in March will feature a different guest for a 15-minute interview on some of the hottest topics in security today, followed by a live Q&A. Here’s what to expect.
With the launch of edge deployment, the Fastly Next-Gen WAF is first in the industry to offer a fully unified web app and API security solution
The Fastly Next-Gen WAF (powered by Signal Sciences) protects apps wherever they live: on-premises, in containers, in the cloud, and — as of today — at the edge. This makes it the industry’s first and only unified WAF.
Inside Fastly: a look at our vulnerability remediation process
In this post, we present a look at our vulnerability remediation and engineering team and how they were able to roll out a recent fix for a QUIC/H2O vulnerability in under two weeks.
Open redirects: abuse & recs [Ex.] | Fastly
Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you can do to prevent it.
How to Secure your GraphQL
There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and controls can support a safer GraphQL implementation.
Fastly's 2021 in Review
In this post, we’ll take a look back at the past year through the eyes of our edge cloud network to explore what we saw across new protocol adoption, security initiatives, network growth, and more.
WAF framework measures WAF effectiveness | Fastly
Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works.
Log4Shell attacks (CVE-2021-44228) insights | Fastly
We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the situation. We also share our guidance around testing your environment against many of the new obfuscation methods that have been seen.
Log4Shell exploit found in Log4j | Fastly
CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.
30 Years of Web: Building for Tomorrow
The web’s infrastructure — and the applications we build on it — must constantly evolve to meet the ever-transforming expectations of modern and future end users. We’ve gathered five lessons today’s builders can use to drive the next three decades of the web.
Grinch bots penalized w/ enriched security data & our edge cloud platform | Fastly
In this post, we’ll show how you can use information from an origin response to add an abuse IP address to our penalty box. We've been touting the promise of security at the edge, and this is just one example of what it can do.
30 Years of Web: Securing Tomorrow
To create more secure and resilient web experiences, we must design, build, and execute applications with security top of mind, and consider how the lessons of the past 30 years inform how we think about the future of security.
30 Years of Web: Future-Ready Apps
Many websites today are really applications, and we should be building them as such. To do that, we need application architectures and networks that are capable of supporting fast, secure, and scalable user experiences. We must embrace a more dynamic mindset in how we approach web development and consider the tools we need to get there.
30 Years of Web: Future Demands
As we look back to celebrate the 30th anniversary of the website, it’s also worth thinking about the next 30 years. There are a couple of areas where we — as engineers, developers, and builders in general — can champion innovation, mainly around architecture and security.
