You appear to be offline. Some site functionality may not work.
Try Fastly free Call Us

Blog Back to all stories

Follow and Subscribe

Security

May 10, 2017

The IoT industry’s response to emerging threats

Late last year, we took a look at how the Internet of Things (IoT) is under attack. We analyzed hundreds of individual IoT devices to see how often they were probed for vulnerabilities, with the…

January 9, 2017

Phase two of our TLS 1.0 and 1.1 deprecation plan

In February of last year we updated you on our plans to deprecate TLS 1.0 and 1.1 due to a mandate by the PCI Security Standards Council as well as our continued commitment to maintaining…

December 15, 2016

The anatomy of an IoT botnet attack

We took a look at some of the more recent (and troubling) threats on the internet, and found that the emerging IoT market is under attack. Internet-connected devices are being churned out of factories and…

November 22, 2016

Forward secrecy and a reminder about Fastly security advisories

We publish our security advisories to address vulnerabilities discovered on our own platform, as well as significant security vulnerabilities that affect the wider internet community.

October 13, 2016

Lean Threat Intelligence, Part 4: Batch alerting

In Part 3, we showcased a technology that allows you to route messages to and from topics via Kafka. Now that data is flowing, how can you start monitoring and reacting to security events? In…

August 25, 2016

Best practices for protecting your domain

We continuously work on making the edge more secure, and develop features you can leverage to protect your applications. However, in order for you to benefit from these investments, there are steps you should take…

August 12, 2016

Our security team’s vision for defending the modern web

Director of Security Research Jose Nazario describes our team’s vision for employing our CDN’s unique position to defend the modern web. Using the recent HTTPoxy vulnerability as an example, he outlines the benefits and challenges…

August 12, 2016

Sponsoring the Tor project with content delivery services

Fastly has historically supported many open source projects. We’re happy to announce that Fastly now provides sponsored Content Delivery for the Tor Project. TorBrowser updates are served over the Fastly network, taking...

July 28, 2016

Lean Threat Intelligence Part 3: Battling log absurdity with Kafka

In “Lean Threat Intelligence Part 2: The foundation,” we explained how we built our log management system, Graylog, using Chef. Next, we’ll cover how we created a message pipeline that allows us to route messages…

June 30, 2016

TLS 1.2-only delivery is now available

Earlier this year we updated you on our revised deprecation plan for TLS 1.0 and 1.1. We’re happy to announce that you can now request migration to TLS 1.2-only hosts if you’ve purchased a paid…

June 30, 2016

Announcing Limited Availability for HTTP/2

As promised in March of this year, we are excited to announce that our HTTP/2 Limited Availability (LA) program is here. Here’s how you get started.

June 1, 2016

Recapping our second Fastly Security Speaker Series

On May 25, we had over 50 security researchers and engineers from the Bay Area and beyond in our San Francisco office for our recurring Fastly Security Speaker Series. This event focused on hardware security,…

May 17, 2016

Announcing the second edition of the Fastly Security Speaker Series!

In February, our Chief Security Officer Window Snyder announced the Fastly Security Speaker Series, which we created to share cutting edge security topics with the wider community. We hosted over 50 security researchers and engineers...

April 7, 2016

Lean Threat Intelligence Part 2: The foundation

In part 1, I discussed the general workflow the Threat Intelligence team at Fastly uses to plan for projects. After performing research and seeing what others have done in this space, we can now move…

March 16, 2016

How college security competitions help us build great security teams

Building a great team is one of the most difficult challenges security managers encounter. Luckily, there are a few initiatives that make things easier on us, including the Information Security Talent Search (ISTS) at the…

March 3, 2016

Recap of the Fastly Security Speaker Series

On February 25, we hosted 50+ security researchers and engineers from the Bay Area and beyond in our San Francisco office for the first event in the Fastly Security Speaker Series. This event brought together…

February 23, 2016

Lean Threat Intelligence, Part 1: The plan

Fastly Security Researcher Zack Allen discusses how you can draw from open source resources to build a lean and powerful Threat Intelligence plan for your organization.

February 18, 2016

Introducing Fastly Security Advisories

Today we’re announcing Fastly Security Advisories. Fastly will publish these to address security concerns that either trigger customer interest or require customer action to address.

February 16, 2016

Introducing the Fastly Security Speaker Series

Today we’re announcing the Fastly Security Speaker Series, an informal event for bringing together researchers and engineers to share research, tools, and ideas. Fastly will bring some of the most innovative and thoughtful security researchers…

February 3, 2016

Update to our TLS 1.0 and 1.1 deprecation plan

Last October, we announced our deprecation plan for TLS 1.0 and 1.1. The PCI Security Standards has since updated their guidance, and we are revising our deprecation schedule accordingly.