Xavier Stevens is a Staff Security Researcher at Fastly, with a focus on threat research, detection engineering, and product innovation.

Active exploitation of unauthenticated stored XSS vulnerabilities in WordPress Plugins Fastly Security Research Team, Simran Khalsa, + 2 more We have observed active exploitation attempts targeting three high-severity CVEs: CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000. May 29, 2024 Security Industry insights

Network Effect Threat Report: Uncovering the power of collective threat intelligence Fastly Security Research Team, Simran Khalsa, + 3 more Announcing the Network Effect Threat Report, Fastly’s threat intelligence report with insights based on unique data from April to June of 2023 August 03, 2023 Security + 2 more

CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability Fastly Security Research Team, Simran Khalsa, + 3 more What you need to know about CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability June 09, 2023 Security

What is TLS Fingerprinting?| Fastly Fastly Security Research Team, Xavier Stevens TLS fingerprinting has become a prevalent tool to help security defenders identify what clients are talking to their server infrastructure. July 20, 2022 Security

Threat hunting network callbacks in WAF data Fastly Security Research Team, Xavier Stevens Threat hunting is the practice of looking for active attackers who have possibly penetrated security boundaries within an organization. WAF data can be a valuable resource in threat hunting for network callbacks. Here’s how. May 03, 2022 Security

Spring: CVE-2022-22963 & Spring4Shell (CVE-2022-22965) | Fastly Fastly Security Research Team, Xavier Stevens, + 1 more In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability. March 31, 2022 Security

WAF framework measures WAF effectiveness | Fastly Fastly Security Research Team, Simran Khalsa, + 1 more Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works. December 14, 2021 Engineering Security

Log4Shell attacks (CVE-2021-44228) insights | Fastly Fastly Security Research Team, Xavier Stevens, + 1 more We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the situation. We also share our guidance around testing your environment against many of the new obfuscation methods that have been seen. December 14, 2021 Industry insights Security

Log4Shell exploit found in Log4j | Fastly Fastly Security Research Team, Xavier Stevens, + 1 more CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact. December 10, 2021 Security Engineering

Atlassian Confluence OGNL Injection Vulnerability Protection | Fastly Fastly Security Research Team, Xavier Stevens, + 1 more Our Security Research Team has built and deployed a rule to help protect customers of our next-gen WAF against the recently announced Confluence Server OGNL injection vulnerability, CVE-2021-26084. September 03, 2021 Security