You appear to be offline. Some site functionality may not work.
Try Fastly free Call us

Blog Back to all stories

Follow and Subscribe

Daniel McCarney

Security Engineer
May 20

FREAK does not affect Fastly services

Fastly is not vulnerable to Logjam — we only offer the more secure Elliptic Curve variant of the Diffie-Hellman key exchange (ECDHE), and the RSA key exchange mechanism for clients that don’t support ECDHE. Since…

May 15

Improving visibility into CA operation with Certificate Transparency

If you follow the security news cycle, you may have seen recent discussions about Google detecting a Certificate Authority (CA) in China improperly issuing certificates capable of transparently (that is, without warning) imitating Google...

April 10

Addressing the challenges of TLS, revocation, and OCSP

Rotation, expiration, and revocation of secrets are all important concerns that require careful and difficult up-front design. Transport Layer Security (TLS), the protocol underlying secure web traffic (HTTPS), is one of the cryptographic systems with…

March 19

March 19 OpenSSL Security Advisory

Fastly has evaluated each of these vulnerabilities and found that only one moderate-severity bug affects our configuration. We are currently testing the patch and coordinating a global release of the updated software across Fastly’s network….

March 10

TLS at the edge and server-side security

We’re huge fans of Transport Layer Security (TLS) at Fastly. Here’s a behind-the-scenes look at how we do encryption at the edge, which can also serve as overall best practices for handling server-side...