Learn how User-Agent Client Hints work, explore privacy-related features and concerns, and how the partial adoption and incompleteness of this emerging standard can be used to detect…
If your application is on the internet, chances are it has been subjected to nefarious automation. These events can include many different attacks – including content scraping, credential…
Threat hunting is the practice of looking for active attackers who have possibly penetrated security boundaries within an organization. WAF data can be a valuable resource in threat hunting…
In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability.
Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you…
There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and…