Blog

Follow and Subscribe
Featured story

Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you can do to prevent it.

Featured

See more

More stories

January 20

Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you…

January 12

There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and…

January 10

The Fastly CLI now supports bootstrapping Compute@Edge projects using fiddles made in Fastly Fiddle as a template. This enables users to get a local developer environment up and running very…

January 5

We’re introducing Cloud Deploy, a wizard that helps you start building on Compute@Edge by deploying and customizing templates, and sets you up with an automated deployment workflow and best…

December 22

In this post, we’ll take a look back at the past year through the eyes of our edge cloud network to explore what we saw across new protocol adoption, security initiatives, network growth…

December 20

By bringing your content closer to the reader, you bypass the conventional cost and rules associated with server space and infrastructure maintenance, and you gain some additional benefits…

December 15

Origin Inspector provides you with a dataset and visualizations that offer real-time and historical visibility into responses delivered from your origin servers to our edge cloud. And we’re…

December 14

Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works.

December 14

We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the…

December 10

CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.

December 9

The web’s infrastructure — and the applications we build on it — must constantly evolve to meet the ever-transforming expectations of modern and future end users. We’ve gathered five lessons…

December 7

In this post, we’ll show how you can use information from an origin response to add an abuse IP address to our penalty box. We've been touting the promise of security at the edge, and this…