Back to blog

Follow and Subscribe

With the launch of edge deployment, the Fastly Next-Gen WAF is first in the industry to offer a fully unified web app and API security solution

Sean Leach

Chief Product Architect, Fastly

We hear from the biggest brands in the world that security is only getting more difficult as they add new architectures and their web apps and APIs spread out from on-prem web servers to the cloud. Getting a holistic view of attacks on these apps and APIs is difficult, and organizations wind up with multiple tools all with different interfaces — not all of which integrate with dev and security tools they’ve already invested in.

The answer to this challenge is a unified web application firewall (WAF) solution that protects not just the apps you have today on-premises and in the cloud, but also the ones you build at the edge in the future. And as of today, we’re the first — and only — ones to offer it. 

We’re excited to announce that as of today, the Fastly Next-Gen WAF (powered by Signal Sciences) can now be deployed at the edge, offering you the flexibility to install where it makes the most sense for you — today and in the future. Finally, a unified web app and security solution available anywhere.

The promise of Signal Sciences and our edge cloud network delivered

Our vision is a world where all digital experiences are fast, engaging, and safe for everyone. It was this vision that propelled us to acquire Signal Sciences, and the launch today is a key milestone in our joint technology bringing that vision to life. Deploying the Fastly Next-Gen WAF inside our global edge cloud network brings protection closer to end users and shields origin systems from abusive traffic. Your applications and services are safe without having to sacrifice speed of deployment or delivery.

Built on top of Compute@Edge, the Fastly Next-Gen WAF at the edge delivers the powerful performance and effortless scalability that organizations require to deliver modern digital experiences. No more worrying about adding additional servers or spinning up new cloud instances as your traffic changes. Compute@Edge allows our web application and API protection solution to automatically scale.

Deployment at the edge — or anywhere you need it

With this launch, we now have the most flexibly deployed WAF on the market and can protect apps and APIs wherever they are — in containers, on-prem, in the cloud, or at the edge — with one integrated solution. Whichever deployment method you choose, your business-critical apps and APIs get the modern protection they need.

  • Trustworthy blocking: Our next-gen WAF is so effective, accurate, and reliable that more than 90% of customers use it in full blocking mode in production environments

  • Accelerate software delivery: Our low false positive rate, combined with our architectural flexibility, means you can accelerate and automate app deployment to deliver new code to users faster and eliminate tuning toil.

  • Near-zero tuning: Our unique approach to attack detection is more accurate than signatures and requires virtually no tuning or maintenance. This approach also enables rapid updates for critical exploits; for example, we quickly issued a rule for the recent Log4j 0Day RCE exploit that customers can enable.

  • Deployment flexibility: No other WAF vendor has the breadth of deployment options we have: on-prem, cloud, containers, at the edge, or a hybrid of these. This flexibility allows you to protect your applications wherever they live and maintain the same effective protection even as you transform or migrate to modern architectures and environments

  • Unified platform: Unlike with some other vendors, you don’t have to choose between different WAF products for each of your architectures and environments. Instead, you get a single platform with a consolidated view of unwanted activity and unified management across all your deployments.

  • Visibility across the application footprint: No matter where you deploy your apps and APIs, our technology provides real-time visibility into how attackers seek to abuse and misuse them, as well as how and why unwanted activity was blocked. And that visibility can be provided via our API and integrations with the DevOps and security tools your team already uses. 

A security solution that grows with your business

In addition to helping you future proof your organization by protecting your applications wherever they live, now and tomorrow, the Fastly Next-Gen WAF’s rapid deployment provides quick time to value today. Many customers have it up and running in minutes to hours — without the need to add dedicated headcount to create, test, and maintain rules as attacks evolve or as your codebase changes over time.

Plus, with highly-rated effectiveness and support — as evidenced by three years in the Gartner Magic Quadrant for Web Application and API Protection and three years as a Gartner Peer Insight Customers' Choice recipient — you know you’re getting a proven solution. 

Ready to get started? Reach out and we’ll get in touch. 


Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.