Blog Back to all stories

Follow and Subscribe

Security

May 10

The IoT industry’s response to emerging threats

Late last year, we took a look at how the Internet of Things (IoT) is under attack. We analyzed hundreds of individual IoT devices to see how often they were probed for vulnerabilities, with…

January 9

Phase two of our TLS 1.0 and 1.1 deprecation plan

In February of last year we updated you on our plans to deprecate TLS 1.0 and 1.1 due to a mandate by the PCI Security Standards Council as well as our continued commitment to maintaining a…

December 15

The anatomy of an IoT botnet attack

We took a look at some of the more recent (and troubling) threats on the internet, and found that the emerging IoT market is under attack. Internet-connected devices are being churned out of…

November 22

Forward secrecy and a reminder about Fastly security advisories

We publish our security advisories to address vulnerabilities discovered on our own platform, as well as significant security vulnerabilities that affect the wider internet community.

October 13

Lean Threat Intelligence, Part 4: Batch alerting

In Part 3, we showcased a technology that allows you to route messages to and from topics via Kafka. Now that data is flowing, how can you start monitoring and reacting to security events…

August 25

Best practices for protecting your domain

We continuously work on making the edge more secure, and develop features you can leverage to protect your applications. However, in order for you to benefit from these investments, there…

August 12

Our security team’s vision for defending the modern web

Director of Security Research Jose Nazario describes our team’s vision for employing our CDN’s unique position to defend the modern web. Using the recent HTTPoxy vulnerability as an example…

July 28

Lean Threat Intelligence Part 3: Battling log absurdity with Kafka

In “Lean Threat Intelligence Part 2: The foundation,” we explained how we built our log management system, Graylog, using Chef. Next, we’ll cover how we created a message pipeline that…

June 30

TLS 1.2-only delivery is now available

Earlier this year we updated you on our revised deprecation plan for TLS 1.0 and 1.1. We’re happy to announce that you can now request migration to TLS 1.2-only hosts if you’ve purchased a…

June 30

Announcing Limited Availability for HTTP/2

As promised in March of this year, we are excited to announce that our HTTP/2 Limited Availability (LA) program is here. Here’s how you get started.

June 1

Recapping our second Fastly Security Speaker Series

On May 25, we had over 50 security researchers and engineers from the Bay Area and beyond in our San Francisco office for our recurring Fastly Security Speaker Series. This event focused on…