Security

Page 9

New research shows security tooling is at a tipping point

Brendon Macaraeg

We released a new report today in partnership with ESG Research that reveals some fascinating insights into the state of web application security tooling.

Security

Request enrichment helps identify user data | Fastly

Brooks Cunningham

Requests passing through Fastly can be transformed in many ways. In this example, we’ll show you how to use enriched requests and our next-gen WAF to help you make more informed security decisions.

Product
Security

Introducing Response Security Service

Kevin Rollinson

Our new Response Security Service provides direct, 24/7 access to our Customer Security Operations Center to help you prepare for and respond when you suspect an attack.

Security

How to recognize and repel four high-risk attack types

Brendon Macaraeg

After years of helping protect companies across a variety of industries, we’ve come to recognize four common risk attack types. Here’s how they work and how to counter them.

Security

4 Ways Legacy WAF Fails to Protect Your Apps

Liz Hurder

The legacy WAF isn’t ubiquitous because it’s the perfect technology. Its success comes down to being mandated, despite four ways it often fails.

Security

Suggestive signals: how to tell good bot traffic from bad

Brendon Macaraeg

While some bots are benign search engine crawlers or website health monitors, others are on the prowl with nefarious intent, looking to execute account takeovers and compromise APIs. In this post, we’ll look at how to tell them apart in order to allow the good bots and block the bad ones.

Security

Cranelift vetted for secure sandboxing in Compute@Edge | Fastly

Pat Hickey, Chris Fallin, + 1 more

Alongside the Bytecode Alliance, Fastly’s WebAssembly team recently led a rigorous security assessment of Cranelift, an open-source, next-generation code generator for use in WebAssembly to provide sandbox security functionality.

Industry insights
+ 3 more

Answers to your top Kubernetes security questions

Brendon Macaraeg

As Kubernetes has become widespread for container orchestration needs, it’s natural for security questions to arise. Here are answers to the Kubernetes questions we hear most often.

Security

Prevent Wasm Compiler Bugs Early | Fastly

iximeow, Chris Fallin

We recently discovered a compiler bug in part of the WebAssembly compiler that we use for Compute@Edge, that could have allowed a WebAssembly module to access memory outside of its sandboxed heap. But because of the people, processes, and tools we have in place, the bug was caught and patched on our infrastructure before it was exploited.

Security
WebAssembly

More is less: stop adding to your security tool technical debt

Brendon Macaraeg

Throwing new security tools at new threats results in scattershot protection and builds technical debt. Organizations need uniform protection for applications and APIs, regardless of where they live.

Security

API and ATO Security Challenge Addressed | Fastly

Brendon Macaraeg

New Fastly next-gen WAF dashboards surface security telemetry from more than 20 new signals for advanced attack scenarios, such as account takeover, credit card validation, and password reset.

Security
Observability

Fastly and Okta partner to lock down layer 7

Sean Leach

Layer 7 is a primary battleground for web application and API security. Fastly and Okta have partnered together to share threat intelligence, so security and development teams can better protect their systems.

Security
Company news

Building Security Mindset in Engineering

Kevin Rollinson

Explore how leaders from both sides of the aisle have built thriving secure DevOps cultures by putting trust in people first.

Security
DevOps

You asked, we delivered: Terraform support for TLS is here

Joe Hoffend, Sudhir Patamsetti

Teams can now automate their Fastly TLS workflows through Terraform — including issuing certificates, retrieving TLS details, and performing other updates.

Security
Product

Fastly (Signal Sciences) repeated Customers’ Choice | Fastly

Andrew Peterson

Fastly (Signal Sciences) has been recognized as a Customers’ Choice for Web Application Firewalls in the 2021 Gartner Peer Insights “Voice of the Customer” report.

Company news
+ 2 more

Next-Gen WAF for Microsoft Exchange | Fastly

Fastly Security Research Team, Xavier Stevens, + 1 more

Fastly’s security research team has built and deployed a rule to protect Signal Sciences Next-Gen WAF customers against the recently announced Microsoft Exchange Server vulnerabilities.

Product
Security

Engineering leaders: security is your job, too

Sean Leach

The rise of secure DevOps has left many security professionals vying for the attention and support of their engineering counterparts. What can engineering leaders do to bridge the gap? We have four ideas to help you build security into your DevOps culture, workflows, and goals.

Culture
+ 3 more

3 Benefits CDN's Bring to Startups

Simon Wistow

A modern CDN can help improve SEO rankings, make it easier to deliver personalized content, and secure your sites and apps — three keys to a startup’s success.

Performance
+ 2 more

The new rules for web app and API security

Sean Leach

Nearly everything we know about building web applications and APIs has changed in the last few decades. So why hasn't security? We argue it's time for a new approach to web app and API security, one that follows suit with how applications are really built and teams really work.

DevOps
Security

A unified platform is the future of secure DevOps

Cassandra Dixon

Fastly and Signal Sciences have joined forces to build the next generation of web app and API security at the edge. Explore what makes our approach different, and how it will empower developers to build more securely than ever before.

Security
Events