Follow and Subscribe

Fastly Security Research Team

Fastly Security Research Team
29 août 2022
If your application is on the internet, chances are it has been subjected to nefarious automation. These events can include many different attacks – including content scraping, credential…
20 juillet 2022
TLS fingerprinting has become a prevalent tool to help security defenders identify what clients are talking to their server infrastructure.
3 mai 2022
Threat hunting is the practice of looking for active attackers who have possibly penetrated security boundaries within an organization. WAF data can be a valuable resource in threat hunting…
31 mars 2022
In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability.
20 janvier 2022
Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you…
12 janvier 2022
There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and…
14 décembre 2021
Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works.
14 décembre 2021
We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the…
10 décembre 2021
CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.
11 novembre 2021
Compute, our serverless compute environment, can be used to solve headaches dealing with attackers looking to modify and manipulate resources. In this post, we tell you how.
18 octobre 2021
Our Security Research Team provides guidance on how to address CVE-2021-40438, a vulnerability in Apache HTTP Server version 2.4.48 and earlier, by patching impacted version(s) and enabling…
7 octobre 2021
The recent Apache HTTP Server vulnerability (CVE-2021-41773) is reportedly being exploited in the wild. Fastly already detects this vulnerability, but our next-gen WAF customers can also…

Ready to get started?

Get in touch or create an account.