Stopping Bad Bots Without Blocking the Good Ones
Keep trusted automation running while blocking malicious bots. Learn how precise WAF controls reduce false positives without weakening security.
Staying Secure
All blog posts
-
Stopping Bad Bots Without Blocking the Good Ones
Keep trusted automation running while blocking malicious bots. Learn how precise WAF controls reduce false positives without weakening security.
-
Best WAF Solutions - 2025/2026
Discover the best WAF solutions for 2026. Compare Fastly, Cloudflare, Akamai, Imperva, F5, Fortinet and more for web app, API and microservice protection.
-
Best DDoS Mitigation Providers - 2025/2026
Discover the best DDoS mitigation providers of 2025–2026 with in-depth comparisons on capacity, automation, visibility, and integration.
-
You own your availability: resilience in the age of third-party dependencies
When third-party services fail, your website — and revenue — can fail with them. Learn how to uncover hidden dependencies and use edge proxying to maintain uptime, performance, and control during outages.
-
When do you need low-latency HTTP live streaming?
Low-latency live streaming is more relevant than ever. New user experiences, like quizzes and real-time voting, built around content and entertainment must be available with little to no delay. In this post, we look at the business cases that warrant low-latency HTTP live streaming.
-
DDoS in December 2025
Learn how sophisticated Layer 7 and network DDoS attacks evolved in December 2025, including the year’s largest attack and mitigation strategies.
-
Using cURL to Test Origin Server Responses
Curl, or cURL, is a utility that’s shipped by default on operating systems like MacOS and many Linux distributions that allows you to send an HTTP request to a URL and receive the result. In this post, we’ll walk you through how to use the tool to test an origin server’s response.
-
AI Agents on Fastly Compute: How it Works and What Makes it Secure
Learn how to run AI agents on Fastly Compute, leveraging the edge for low latency and WebAssembly sandboxes for enterprise-grade speed and security.
-
Break Free from ESI Lock-in: Learn How to Migrate Today with Fastly
Migrate your legacy ESI to Fastly Compute. End vendor lock-in, run your ESI on a high-performance engine, and transition to a fully programmable edge.
-
Lightweight Latency Measurement with Server-Timing
Measure end-to-end request latency with Server-Timing. See how origin, Fastly Compute, and CDN delivery timings appear in browser dev tools.
-
When Moments Can’t Be Rehearsed, Preparation Is the Only Advantage That Scales
When everything is live and unforgiving, preparation is the only advantage. Learn how Fastly and Jerry Rice approach peak performance under pressure.
-
Streamlining User Experiences While Fighting Bots
Streamline user experiences and fight bots with Fastly's new embedded challenges for Bot Management.
-
DDoS in November
DDoS attackers were largely absent on Black Friday 2025. Fastly’s latest report reveals why, and what the shifting attack patterns mean for your apps and APIs.
-
CISO Insights: 10 modern capabilities to revamp your security
Explore essential strategies for updating your security measures. Understand the importance of addressing vulnerabilities and optimizing resources for better protection.
-
Building Resilient Applications with Layered Security
Fastly's new security packages make layered application security easier to buy, use, and grow. Protect your apps with predictable pricing.
-
Vibe Shift? Senior Developers Ship nearly 2.5x more AI Code than Junior Counterparts
Fastly’s survey shows senior developers trust gen AI tools enough to ship 2.5x more AI code, while juniors stick to traditional coding and caution.
-
React2Shell Continued: What to know and do about the 2 latest CVEs
In the wake of the critical severity React2Shell CVEs, two new CVEs exploiting similar Next.js and React components were announced on December 11. Learn more about these new CVEs.
-
Fastly’s Proactive Protection for React2Shell, Critical React RCE CVE-2025-55182 and CVE-2025-66478
Protect your apps from the critical React RCE bugs (CVE-2025-55182/66478). Fastly's NGWAF Virtual Patch provides proactive defense.
-
CAPTCHAs Are Costing Retailers Customers — Heavy AI Users Are the First to Walk Away
Our original survey of 881 online shoppers shows CAPTCHAs are quietly killing conversions especially among heavy AI users.
-
Three application security trends to monitor in 2025
Discover how cybersecurity professionals are adapting to a rapidly changing landscape. Explore insights on growth, consolidation, and automation in security strategies.
