Security
Page 8
Subresource monitoring with Compute
Compute, our serverless compute environment, can be used to solve headaches dealing with attackers looking to modify and manipulate resources. In this post, we tell you how.
Preventing SSRF: Apache CVE-2021-40438 | Fastly
Our Security Research Team provides guidance on how to address CVE-2021-40438, a vulnerability in Apache HTTP Server version 2.4.48 and earlier, by patching impacted version(s) and enabling a new templated rule to prevent exploitation.
Protect against Apache vulnerability | Fastly
The recent Apache HTTP Server vulnerability (CVE-2021-41773) is reportedly being exploited in the wild. Fastly already detects this vulnerability, but our next-gen WAF customers can also create a rule to block exploitation.
DevOps Practices Primed to Combat Threats | Fastly
Organizations implementing DevOps practices often sacrifice security for speed, exposing them to potential threats. In reality though, many DevOps practices are already primed for security initiatives.
The Importance of Securing Applications & Security in DevOps
Forrester’s 2021 Annual State of Application Security Report stresses the need for updated application security tools that can be easily integrated into development plans and architecture.
Integrating Security in DevOps
Your organization may have operational and cultural roadblocks to overcome when it comes to integrating security and DevOps. These tips can help you ensure a smooth transition to more secure DevOps.
Legacy vs next-gen WAF: the differences matter
Compare legacy versus next-gen WAFs to see what sets them apart. Determine if your company can benefit from a next-gen approach.
6 essential features of modern web app & API security tools
Modern applications need modern security tools that include flexible deployment, DevOps support, and strong API protection. Here are the six most important characteristics of modern web app and API security tools.
Atlassian Confluence OGNL Injection Vulnerability Protection | Fastly
Our Security Research Team has built and deployed a rule to help protect customers of our next-gen WAF against the recently announced Confluence Server OGNL injection vulnerability, CVE-2021-26084.
Legacy security tools: peace of mind at what price?
Companies using an average of 11 web application and API security tools should be able to rest easy, but the vast majority of them report successful attacks are still getting through. These legacy tools aren’t cutting it.
Fastly/Signal Sciences: one year update | Fastly
When we acquired Signal Sciences, we put a stake in the ground as a company that cares about the complete delivery path and making it not just resilient and performant, but inherently secure as well. Here’s our update on that mission.
Introducing right-sized web app and API protection packages
Today, we launched Fastly Secure packages, a unified web app and API security solution that provides “right-sized” protection for any organization at a spend level that works for a variety of budgets.
4 Steps to Centralized Security Tooling
Here are four repeatable steps that will help you pay down your security technical debt, make your apps and APIs more secure, and move you toward consolidated security tooling.
Why don’t your security tools work anymore?
As the internet landscape gets more complex, more API driven, and more distributed, many security and IT professionals are left wondering — why aren’t the security tools that were good enough a few years ago good enough now?
0-100 mph: Boosting App Security
How to accelerate your WAF visibility from 0 to 100MPH
New research shows security tooling is at a tipping point
We released a new report today in partnership with ESG Research that reveals some fascinating insights into the state of web application security tooling.
Request enrichment helps identify user data | Fastly
Requests passing through Fastly can be transformed in many ways. In this example, we’ll show you how to use enriched requests and our next-gen WAF to help you make more informed security decisions.
Introducing Response Security Service
Our new Response Security Service provides direct, 24/7 access to our Customer Security Operations Center to help you prepare for and respond when you suspect an attack.
How to recognize and repel four high-risk attack types
After years of helping protect companies across a variety of industries, we’ve come to recognize four common risk attack types. Here’s how they work and how to counter them.
4 Ways Legacy WAF Fails to Protect Your Apps
The legacy WAF isn’t ubiquitous because it’s the perfect technology. Its success comes down to being mandated, despite four ways it often fails.