You appear to be offline. Some site functionality may not work.
Call Us

Fastly Blog

Security

Meet Fastly’s new security dashboard integrations for WAF and real-time logging

Using integrations with BigQuery and Looker, we’ve created 15 chart templates that help you effectively monitor security events on your sites and applications, in real time.

March 19, 2020

Read more

Three ways TLS 1.3 protects origin names

The newest version of Transport Layer Security, TLS 1.3, is faster, more robust, and more responsive than ever before. Explore three ways it will help HTTPS protect origin names for improved confidentiality.

February 12, 2020

Read more

5 tips for creating a secure DevOps culture

Integrating security into your DevOps cycle isn’t something that happens overnight. Here are five tips for building a culture in which secure DevOps can thrive, enabling your team to build secure apps quickly.

January 21, 2020

Read more

TLS with Fastly is now easier and more flexible

Fastly now offers two new TLS services for the trust, flexibility, and scalability customers need to bring the best of the internet to life.

November 18, 2019

Read more

Defend against credential stuffing attacks with proof of work

With attackers using publicly available lists of compromised passwords in an attempt to steal accounts, proof of work is a good way to slow the attackers down.

June 11, 2019

Read more

Trust at scale: Introducing Platform TLS and Subscriber Provided Prefix

Today we’re announcing two new offerings on the Fastly platform: Platform TLS and Subscriber Provided Prefix. Both empower companies to provide fast, secure web experiences to their customers and end-users, while reducing the workload on…

September 13, 2018

Read more

Fastly's Response to SegmentSmack

A remotely exploitable denial-of-service (DoS) attack against the Linux kernel, called SegmentSmack, was made public on August 6th, 2018 as CVE-2018-5390. Fastly was made aware of this vulnerability prior to that date through a responsible…

August 14, 2018

Read more

Introducing Quick Value Packages

Keeping your digital presence continuously tuned, optimized, and secure to align with changing business and technical requirements can be time consuming. That’s why we’ve put together our Quick Value Packages — a collection of expert…

June 21, 2018

Read more

Building the WAF test harness

To help our customers secure their sites and applications — while continuing to give their users reliable online experiences — we’ve built a performant, highly configurable, and comprehensive Web Application Firewall (WAF). In order to…

March 8, 2018

Read more

DDoS attacks: how to protect + mitigate

In part one of this series, we took a look at the evolving DDoS landscape, offering a sense of what’s out there in terms of attack size and type to help better inform decisions when…

February 6, 2018

Read more

Requiring TLS 1.2 for the Fastly API & control panel

As part of our vision for defending the modern web, the Fastly engineering teams are focused on providing you with a robust and secure platform that empowers you to protect your customers. Because we’re committed…

February 1, 2018

Read more

Videos from part 3 of our Security Speaker Series

On October 26, we hosted an evening of drinks, snacks, and an excellent security discussion with the security research and engineering communities. Folks gathered at Bespoke Central Lounge in downtown San Francisco to hear from…

January 11, 2018

Read more

The evolving DDoS landscape

As an edge cloud platform, Fastly is in a unique position to monitor DDoS attack patterns and trends as they evolve. In this post, Jose Nazario, Sr. Director of Security Research, and Ryan Landry, Director…

November 28, 2017

Read more

Security Speaker Series, part 3

We’re pleased to announce the next installment of our Security Speaker Series, which brings together researchers and engineers to share research, tools, and ideas. Join us for drinks, snacks, and a few hours of excellent…

October 17, 2017

Read more

Building the Fastly WAF

In keeping with our security team’s vision for defending the modern web, we launched our Web Application Firewall (WAF) to help our customers secure their sites and applications while providing reliable online experiences for their…

October 11, 2017

Read more

Deliberate practice in information security

Deliberate practice is the act of performing a set of tasks that are just slightly more difficult than what you’re used to, so you can get better at a specific activity and move from a…

October 6, 2017

Read more

The problem with patching in addressing IoT vulnerabilities

We need technology to provide capabilities to tackle the challenge of the cybersecurity gaps, recently highlighted by the WannaCry attacks. In this post, Director of Security Research Jose Nazario will explore these challenges as well…

August 29, 2017

Read more

How to bootstrap self-service continuous fuzzing

OSS-Fuzz is an innovative project that is both advancing the state of the art in OSS security engineering and immediately improving the overall quality of the software that serves the internet. In this blog post,…

May 31, 2017

Read more

The IoT industry’s response to emerging threats

Late last year, we took a look at how the Internet of Things (IoT) is under attack. We analyzed hundreds of individual IoT devices to see how often they were probed for vulnerabilities, with the…

May 10, 2017

Read more

Phase two of our TLS 1.0 and 1.1 deprecation plan

In February of last year we updated you on our plans to deprecate TLS 1.0 and 1.1 due to a mandate by the PCI Security Standards Council as well as our continued commitment to maintaining…

January 9, 2017

Read more