Q1 2026

Hi Fastly users + friends,

We kicked off 2026 with a number of features and enhancements designed to provide teams with more autonomy and deeper visibility across the platform. The move to independent Domain Management allows for centralized, zero-downtime routing changes and self-service delegation without the friction of full service deployments. On the Security front, we’ve prioritized friction-less defense with Embedded Browser Challenges for Bot Management and a revamped API Discovery suite that introduces per-operation RPS metrics and native CLI/Terraform integration. Compute users gain significantly better visibility through a categorized error reporting overhaul and expanded NGWAF inspection support for JavaScript, Go, and C++. Finally, for those building with AI, the new Fastly Agent Toolkit provides open-source skills to help coding agents like Claude and Gemini navigate the Fastly platform and produce faster workflow speeds.

Network Services

Domain Management

Domains are now managed independently from service configuration in the Fastly platform. This update allows all customers to manage domains and Certainly certificates from a centralized interface. By removing the need for full deployments to add or remove domains, the system significantly reduces friction and enables routing changes with zero downtime. This new architecture supports secure self-service domain delegation across multiple accounts while proactively preventing domain fronting.

Security

New Security Packages

We launched new security packages to make it easier for customers to buy, use, and grow with Fastly Security as business needs evolve. Existing customers on a package plan can opt to switch to one of the new packages depending on their specific needs. The new packages offer simplified, more predictable pricing and a layered defense model to help ensure your applications remain resilient to today’s sophisticated threats.

Embedded Browser Challenges

Bot Management customers can now embed Dynamic Challenges directly into any page (e.g., login, checkout) rather than redirecting end-users to a disruptive interstitial page. This capability is included at no additional cost.

Self-Service Bot Management Enablement

We introduced a new "Enable" toggle at the service level for Bot Management. This enhancement allows customers to activate Bot Management capabilities (including Client Challenges) directly in the control panel, eliminating the need for external API configurations.

API Discovery Enhancements

API Discovery received a streamlined UI update plus new features to supercharge API security reviews. The new features include the ability to understand and prioritize discovery reviews with per-operation RPS metrics; a new “ignore” function to suppress false-positive or benign API operations; take bulk actions, including adding to Inventory, ignoring, describing, and tagging operations; filter and export operations based on multiple attributes; and the ability to integrate API security into their developer workflows via the CLI and Terraform.

ContentGuard

ContentGuard is a Fastly Bot Management feature that enables bot detection in front of cache, giving customers visibility and control over bots, including AI crawlers, accessing cached content. As bots now represent 49% of all traffic and cached requests are being served to bots almost half of the time, ContentGuard provides the detection needed to control what can access our customer’s most popular content.

Storage

Object Storage Regional Expansion

We launched 5 new storage regions (Tokyo, Sydney, Milan, London, and Texas) for Fastly Object Storage to support customers’ needs for localized, low-latency storage options. 

Compute

Improved Error Reporting in Compute Observability Dashboards

This update replaces 5 existing error charts in the "Service Overview" and "All Services" dashboards with three new, clearly defined categories: 1) Instance Resource Limits: Fatal errors triggered when a sandbox reaches maximum hardware thresholds (e.g., timeout, memory, or vCPU limits). 2) Runtime & Logic Errors: Errors such as stack overflows, unreachable code traps, and service chain errors (circular routing). This also includes non-fatal operational Service Limits and Backend Request Errors. 3) Platform Errors: Internal Fastly failures or malformed external requests (e.g., unauthorized purges) that prevent code from executing.

JS, Go & C++ Support for NGWAF Request Inspection

Fastly Compute now has JavaScript, Go and C++ support (in addition to Rust) for traffic inspection via Next-Gen WAF (NGWAF) allowing users to inspect requests and make informed decisions about how to block or redirect them.

AI

Agent Toolkit

The Fastly Agent Toolkit is a public, open-source collection of AI agent skills that teach coding agents how to work with Fastly. The toolkit contains six skills covering the Fastly platform and API, the Fastly CLI, VCL development with Falco, the XVCL transpiler, and local Compute testing with Viceroy and Fastlike. Each skill is a set of curated markdown files, loaded on demand by the agent, only when relevant to the task at hand. The skills work with any agent that reads markdown: Claude Code, Gemini CLI, Codex, Cursor, Amp, Cline, and more.

Product Experience

Redesigned Notification Center

We announced a significant improvement to how alerts and notifications are surfaced in the Fastly control panel. This update centralizes all alerts — observability alerts, support/maintenance notices, and billing/spend alerts — into a single, unified experience.

Granular User Access Control - NGWAF & Admin Roles 

Fastly introduced Next-Gen WAF Imported Roles into the Fastly Control Panel and a new User Admin platform role, bringing NG-WAF users into the Fastly control panel and reducing reliance on Superuser for most user management tasks.