Our Security Research Team provides guidance on how to address CVE-2021-40438, a vulnerability in Apache HTTP Server version 2.4.48 and earlier, by patching impacted version(s) and enabling…

The recent Apache HTTP Server vulnerability (CVE-2021-41773) is reportedly being exploited in the wild. Fastly already detects this vulnerability, but our next-gen WAF customers can also…

Organizations implementing DevOps practices often sacrifice security for speed, exposing them to potential threats. In reality though, many DevOps practices are already primed for security…

Forrester’s 2021 Annual State of Application Security Report stresses the need for updated application security tools that can be easily integrated into development plans and architecture.

Your organization may have operational and cultural roadblocks to overcome when it comes to integrating security and DevOps. These tips can help you ensure a smooth transition to more secure…

Compare legacy versus next-gen WAFs to see what sets them apart. Determine if your company can benefit from a next-gen approach.

Modern applications need modern security tools that include flexible deployment, DevOps support, and strong API protection. Here are the six most important characteristics of modern web app…

Our Security Research Team has built and deployed a rule to help protect customers of our next-gen WAF against the recently announced Confluence Server OGNL injection vulnerability, CVE-202…

Companies using an average of 11 web application and API security tools should be able to rest easy, but the vast majority of them report successful attacks are still getting through. These…

When we acquired Signal Sciences, we put a stake in the ground as a company that cares about the complete delivery path and making it not just resilient and performant, but inherently secure…

Today, we launched Fastly Secure packages, a unified web app and API security solution that provides “right-sized” protection for any organization at a spend level that works for a variety…

Here are four repeatable steps that will help you pay down your security technical debt, make your apps and APIs more secure, and move you toward consolidated security tooling.