Security
Page 2
Deadlock bugs: circular waits of torment | Fastly
This post will illuminate how deadlock bugs emerge, some facets of their fascinating and frustrating strangeness, and guidance on how to handle them in your own systems.
Join Fastly Security Labs: Try New WAF Features | Fastly
Today, we’re happy to announce the launch of Fastly Security Labs, a new program that empowers customers to continuously innovate by being the first to test new detection and security features — ultimately shaping the future of security.
Dept. of Know Live: Tips for asset management | Fastly
Founder of Unsupervised Learning Daniel Miessler joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why we can’t ignore asset management’s role in security. In this blog post, Daniel shares highlights from the conversation.
Introducing GraphQL Inspection for the Fastly Next-Gen WAF
GraphQL is fast gaining popularity, and we’re excited to announce that we now support GraphQL Inspection in our Fastly Next-Gen WAF (powered by Signal Sciences).
Spring: CVE-2022-22963 & Spring4Shell (CVE-2022-22965) | Fastly
In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability.
Dept. of Know Live: Ellen Körbes on developer experience. | Fastly
Ellen Körbes, Senior Product Line Manager at VMware Tanzu Kubernetes, joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how security falls short of developer expectations. In this blog post, Ellen shares highlights from the conversation.
Fastly's Next-Gen WAF now works with Arm at scale | Fastly
The Fastly Next-Gen WAF is now the only WAF on the market to be Arm compatible at scale in any environment, allowing you to deploy our security solution in environments using Arm-based processors on NGINX-native web servers — or anywhere else you host your apps and APIs.
Fastly named Customers' Choice for Web App and API Protection four years in a row | Fastly
With this year’s achievement, we are the only vendor to be named a Customers’ Choice in the Gartner Peer Insights™ “Voice of the Customer” Web Application and API Protection report for four years in a row with an average rating of 4.9 out of 5.0 stars.
Dept. of Know Live: Omar on building secure apps the easy way | Fastly
Betterment Staff Security Engineer Omar joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why building more modern applications means building secure ones, and how we can get there. In this blog post, Omar shares highlights from the conversation.
Dept. of Know Live: Sounil Yu on DIE security model | Fastly
JupiterOne CISO and Head of Research Sounil Yu joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how to make security an enabler of innovation. In this blog post, Sounil shares highlights from the conversation.
Defense-in-Depth Security for Web Apps | Fastly
While there’s no magic answer to stop all cyberattacks, there are a number of principles used in a defense-in-depth strategy that can be put in place ahead of a possible attack to limit its impact.
Dept. of Know Live! 4 highlights from Rinki Sethi's chat on modern security | Fastly
Former Twitter CISO Rinki Sethi joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about what success in modern security means. In this blog post, Rinki shares four highlights from the conversation.
Custom response codes for Fastly WAF | Fastly
With the introduction of custom response codes, our edge cloud network can now pick up response codes from the Fastly Next-Gen WAF and take custom action at the edge — without the need to create advanced rules. That means more customized, more efficient security for our customers.
The Dept. of Know Live! web app & API sec. speaker series | Fastly
The Dept. of Know Live! is a virtual speaker series designed to make you think differently about web app and API security. Each episode in March will feature a different guest for a 15-minute interview on some of the hottest topics in security today, followed by a live Q&A. Here’s what to expect.
With the launch of edge deployment, the Fastly Next-Gen WAF is first in the industry to offer a fully unified web app and API security solution
The Fastly Next-Gen WAF (powered by Signal Sciences) protects apps wherever they live: on-premises, in containers, in the cloud, and — as of today — at the edge. This makes it the industry’s first and only unified WAF.
Inside Fastly: a look at our vulnerability remediation process
In this post, we present a look at our vulnerability remediation and engineering team and how they were able to roll out a recent fix for a QUIC/H2O vulnerability in under two weeks.
Open redirects: abuse & recs [Ex.] | Fastly
Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you can do to prevent it.
How to Secure your GraphQL
There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and controls can support a safer GraphQL implementation.
Fastly's 2021 in Review
In this post, we’ll take a look back at the past year through the eyes of our edge cloud network to explore what we saw across new protocol adoption, security initiatives, network growth, and more.
Log4Shell attacks (CVE-2021-44228) insights | Fastly
We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the situation. We also share our guidance around testing your environment against many of the new obfuscation methods that have been seen.
