Protecting your web apps has never been easier: Introducing the Fastly Managed Security Service
The global cybersecurity staffing shortage is an ongoing challenge for anyone needing to manage security threats across all layers of their business. In fact, 70% of organizations are facing cybersecurity staffing shortages, leading to a worldwide gap of 3.4 million cybersecurity workers, according to the (ISC)2 2022 Cybersecurity Workforce Study. In the world of application security, where oft-targeted applications and APIs have a direct revenue impact, this shortage becomes even more critical.
Teams that are spread too thin can end up in a reactive or defensive mode, creating opportunities for errors. Despite the risks of delaying, building an in-house security team can be a daunting task in an uncertain economy.
Introducing the Fastly Managed Security Service
While the Fastly Next-Gen WAF (powered by Signal Sciences) is repeatedly recognized as being easy to deploy and manage, we’re cognizant of organizations that struggle to staff security in-house and are concerned about limited readiness and delayed response.
Today, we are excited to announce the availability of the Fastly Managed Security Service. This new service provides our Next-Gen WAF customers with continuous, proactive monitoring and mitigation of security events, rapid incident response, and regular reporting and consultation. The Fastly Managed Security Service protects your web applications and APIs while allowing your in-house teams to focus on core competencies, strategic initiatives, and high-impact projects.
Our global team of security experts provides continuous monitoring, proactive response, configuration, and support to help protect even the most crucial web applications, all backed by a 15-minute response time SLA for critical security incidents. It includes coverage of application-based attacks, including malicious attempts to access unauthorized applications, injection attacks, and account takeover. We combine this with robust post-event reporting and regular, strategic security consultation in order to ensure that you get the highest level of application protection to strengthen your organization’s overall security posture.
Delivering White Glove Application Security Protection
We launched our Customer Security Operations Center (CSOC) to support our Fastly Response Security Service and the team has grown rapidly since then. Today our globally distributed CSOC is staffed with security experts who provide 24/7 monitoring, threat hunting, and mitigation for Fastly security products as part of the new Fastly Managed Security Service. This team does not just monitor WAF-specific events, but also application-delivery logs and other metrics as well. This voluminous data gives us extensive and early visibility, as well as provides essential context that has helped us even further reduce the occurrence of false positives.
The Fastly Security Research team also plays a key role in the Managed Security Service by providing threat intelligence, adversary emulation, and defensive research. This team uses a variety of approaches including exploitation research, strong intelligence partnerships, and analysis of activities to inform and defend you against emerging threats.
What does access to our team of application security experts mean for you? Besides the top-of-mind incident response use cases, let’s take a deeper dive into two other areas where you’ll see value.
Fastly Managed Security Service: Getting Started
Being able to handle emerging threats on the fly is extremely important, but advance preparation is even more important. The Fastly Managed Security Service starts with an onboarding session where our security experts get to know you, your technology stack, the threats you have faced, and the threats that you are most concerned about. This allows our teams to tailor proactive alerts to your business and use cases, and to provide relevant, actionable security intelligence. For example, understanding that a particular system is used exclusively for logins allows our teams to focus on alerts for credential stuffing, dictionary attacks, and other account takeover vectors. Being aware that inventory scraping or shopping cart abuse is a big concern lets us pivot to other more useful alerting. Knowing your technology stack also lets us know what kinds of CVEs or other vulnerabilities are applicable to your company, so you’re only getting the kinds of outreach and notifications that matter to you, not a one-size-fits-all approach that overwhelms you with irrelevant alerts.
From there, the Fastly CSOC works with your team to start data collection and analysis. We configure secure logging endpoints to collect request data and spend time looking at your traffic patterns and performance metrics. Is your traffic naturally spiky, or does it have a smooth circadian flow? Are weekends busier than weekdays? What time does your traffic normally peak? Knowing these things helps us understand what is truly anomalous, what is expected, and what attack traffic looks like in comparison to normal traffic. CSOC analysts configure, tune and tweak alerts until we are confident that we aren’t missing things, but also not generating false alarms. We intentionally tune these thresholds to err on the side of caution, because our teams will filter through alerts and only forward verified, actionable alerts to your teams.
Improving Security Risk Management
Last August, Fastly’s CISO Mike Johnson wrote about security trends and the idea of “leaning into risks.” As a seasoned security executive, he knows the importance of understanding risk as a key driver for change within organizations.
Using risk for prioritization has become crucial to being efficient and successful within our team. When we have 30+ different security issues to solve, risk will help us prioritize and understand which issue to solve first.
Although our Next-Gen WAF was designed to be fast and effective, we understand that organizations have competing priorities across all their business units. Organizations that cannot staff a 24x7 security team are taking on unnecessary risk, and putting their brand in a precarious position if a critical attack takes place. The Fastly Managed Security Service allows you to better manage your resources and let Fastly detect and mitigate application security threats. With services like priority early access to new features and threat intelligence updates, the Fastly Managed Security Service also provides strategic direction and lets you be directly involved or hands-off in security management without taking on additional risk.