We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the…

CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.

Our Security Research Team has built and deployed a rule to help protect customers of our next-gen WAF against the recently announced Confluence Server OGNL injection vulnerability, CVE-202…

Fastly’s security research team has built and deployed a rule to protect Signal Sciences Next-Gen WAF customers against the recently announced Microsoft Exchange Server vulnerabilities.