Security
Page 16 of 17
-
How Fastly Protects its customers from Massive DDoS threats including the novel Rapid Reset attack
The Rapid Reset DDoS attack did not affect Fastly traffic because we can automatically detect and defend against attacks that others can’t.
-
Patch that Vuln! Identify, Triage, and Qualify CVEs
Vulnerabilities are an unfortunate inevitability. However, when using a WAF there are options for your security teams while waiting for a patch.
-
WAF Simulator: Transforming DevSecOps Workflows
We're excited to announce Fastly's new WAF Simulator, which simplifies the testing process and provides the following key benefits.
-
The evolution of blocking
Flexibility is required for confident blocking decisions that impact as little legitimate traffic as possible. Learn more about the evolution of blocking.
-
BoringSSL to make TLS more secure
Replacing OpenSSL with BoringSSL was to reduce the frequency of CVE response and improve the security of our TLS termination system for our customers.
-
Threshold blocking best practices
Learn threshold blocking best practices and how it increases your WAF confidence so you can get into blocking mode faster.
-
A new level of security called for by the White House and Office of the National Cyber Director
The White House and Office of the National Cyber Director called for the adoption of memory safe languages, and we see a way for existing code be more memory safe as well.
-
TLS: More secure; always fast
This post details the journey of improving the security of TLS private keys and improving the performance and efficiency of TLS handshakes along the way.
-
Are APIs the Key to Digital Innovation or a Trojan Horse?
In this new report, we surveyed 235 IT and cybersecurity professionals across Europe to shed light on the state of API security.
-
Stay ahead of attackers by pushing your security perimeter to the edge
An effective edge security strategy can provide significant benefits and protect organizations from the continually evolving threat landscape.
-
Introducing effortless bot management for a better, safer web
See how Fastly's Bot Management targets malicious bots to protect your apps and website for a better user experience. Learn more about our bot management capabilities.
-
Creating industry-leading managed security commitments
Get proactive commitments to your security with Fastly’s industry-first Time to Notify SLA for its Managed Security Service customers.
-
Chaotic Good: Resilience Stress Tests at the Edge
Getting started with chaos experimentation? In this post, we’ll walk through a small starter example experiment – verifying basic security assumptions on a website.
-
Fastly drives improved internet routing security with global push to adopt RPKI
Fastly actively supports and participates in IETF, driving network security standards. Learn how we're enhancing routing security and improving industry standards for a safer Internet.
-
Active exploitation of unauthenticated stored XSS vulnerabilities in WordPress Plugins
We have observed active exploitation attempts targeting three high-severity CVEs: CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000.
-
Time’s up! How RPKI ROAs perpetually are about to expire
In this post, we'll dig deeper into the mechanics of RPKI to understand how the cryptographic chain contributes to the effective expiration date of a ROA.
-
Fastly and Google partner to enhance your privacy while protecting Chrome users from online threats in real-time
We're excited to announce that Google Chrome is leveraging Fastly Oblivious HTTP (OHTTP) Relay to support the Standard protection mode in Chrome.
-
Built with Fastly Spotlight: LeakSignal stops GenAI data leaks
Learn about how LeakSignal leverages Fastly's industry-leading edge cloud platform to power its cutting-edge data flow governance solution.
-
It’s free, instant, and yours! Fastly’s free developer accounts are here
We’re excited to announce free developer accounts. You can instantly get started and take advantage of the most developer-friendly edge platform in the world.
-
Back to Basics of Automated Attacks: Account Takeover
Explore account takeover attacks and mitigations including modern authentication with 2FA/passkeys, and anti-bot measures to enhance account security.