Fastly Security Research Team

August 22
In this post, we'll explore the application vulnerability directory traversal. What is it and how can you protect your apps from it?
August 3
Announcing the Network Effect Threat Report, Fastly’s threat intelligence report with insights based on unique data from April to June of 2023
July 11
What is an OS Command Injection? In this blog, we'll explore the web application vulnerability, OS Command Injection, and how to prevent it.
June 9
What you need to know about CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability
February 28
NagiosXI versions 5.5.6 to 5.7.5 are vulnerable to three different instances of command injection.
October 19, 2022
Learn how User-Agent Client Hints work, explore privacy-related features and concerns, and how the partial adoption and incompleteness of this emerging standard can be used to detect…
August 29, 2022
If your application is on the internet, chances are it has been subjected to nefarious automation. These events can include many different attacks – including content scraping, credential…
July 20, 2022
TLS fingerprinting has become a prevalent tool to help security defenders identify what clients are talking to their server infrastructure.
May 3, 2022
Threat hunting is the practice of looking for active attackers who have possibly penetrated security boundaries within an organization. WAF data can be a valuable resource in threat hunting…
March 31, 2022
In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability.
January 20, 2022
Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you…
January 12, 2022
There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and…