Hi Fastly users + friends,
We're thrilled to announce a robust lineup of new features and enhancements this quarter, designed to elevate the experience across our platform. Together, we're pushing the boundaries of what's possible with edge technology. Our latest releases span multiple areas to help achieve critical goals: Network Services with VCL Editor improvements, Compute with the IPv4/IPv6 preference selection, Security with streamlined NGWAF onboarding, and Product Experience improvements that make workflows smoother. We've also made significant strides in introducing a Sustainability Dashboard and Security Starter Package—because we know flexible, modern solutions and pricing are essential. These updates reflect our shared commitment to improving privacy, simplifying workflows, and empowering teams with more flexible testing capabilities.
Network Services
VCL Editor Improvements
We’ve improved the user experience of our VCL editor with a modernized code editor for improved usability, full-screen mode for easier viewing and editing, and a unified view of VCL to simplify workflows.
C2PA Support in Image Optimizer
We've now enhanced Fastly Image Optimizer with native C2PA support through a new metadata parameter option: `metadata=c2pa`. This parameter value: preserves existing C2PA manifests from source images while adding new provenance data about Fastly's processing, signs C2PA manifests cryptographically to maintain the chain of trust, attaches complete provenance information to optimized output images, and maintains compatibility with existing copyright preservation options through combined parameters like `metadata=c2pa,copyright`. This means that as images flow through Fastly's global network and undergo optimization, compression, or format conversion, their authenticity trail remains intact and verifiable. Every transformation becomes part of the documented history rather than a break in the chain.
Compute
IPv4/IPv6 Preference Selection
Compute services have had dual-stack (IPv4+IPv6) support for origin traffic, and now we've introduced the ability to prefer a particular IP version when DNS is configured for a backend. This provides the flexibility needed to ensure compatibility and future-proof infrastructure based on cost and performance considerations. This feature is available immediately at no additional charge.
AI
Fastly MCP Server
We've released the Fastly Model Context Protocol (MCP) Server, an open-source experimental tool that brings AI-driven infrastructure management to the forefront. It enables the use of AI assistants for sophisticated control over Fastly services through natural language commands. We understand the challenges faced when managing numerous API commands for CDN configurations, debugging performance issues, or adjusting security settings. That's why we've made this available to help with configuration management, cache management and purging, and performance monitoring insights. The MCP Server is available now as a developer tool at no charge.
Security
Streamlined NGWAF Onboarding
We've streamlined the Next-Gen WAF (NGWAF) onboarding process, allowing teams to enable NGWAF on delivery services with just a few clicks—no more API calls required. These updates are available for those not currently using Next-Gen WAF or Legacy WAF. For existing NGWAF and Legacy WAF users, the current experience remains unchanged. These improvements mark our significant step towards making security features more accessible and easier to use.
Security Starter Package
The Security Starter Package (formerly Essentials) is now fully integrated into the Fastly control panel, providing a unified experience. This integration eliminates the need to switch between web interfaces, simplifying product management and demonstration. Every Fastly security product needed—including DDoS Protection, Next-Gen WAF, and Bot Management—is now available in the Fastly Control Panel, offering a fully unified platform experience.
Precise Defense GA
We're excited to announce the general availability of Precise Defense, a significant enhancement to our DDoS protection service that puts control back where it belongs. With Precise Defense, any rule's behavior can be easily adjusted with just a click. We heard the feedback about needing more granular control over automated detections, and we delivered. Individual mitigation rules can now be set to either blocking, logging, off, or back to default state, providing immediate, surgical control for common scenarios. This helps address suspected false positives without having to escalate to our support teams.Next-Gen WAF Deception Action
We're excited to announce the general availability of the Deception action for our Next-Gen WAF—turning defenses from a simple wall into an intelligent trap. Instead of just blocking attackers, we can now actively deceive them. The first type available is Invalid Login Response, designed specifically to combat Account Takeover (ATO) challenges. When a rule targeting a login page is configured with this action, our WAF intercepts suspicious login attempts, swaps the password with a random value, and forwards the modified request to the origin server, which responds with its real 'Invalid Username/Password' page—keeping real users safe while confusing attackers.
Product Experience
Search as Navigation
We've significantly enhanced our Universal Search functionality with Search as Navigation, making daily workflows faster. This powerful upgrade allows teams to effortlessly locate key product pages and features by simply typing keywords like "WAF" into the search bar. Our system now intelligently presents both relevant search results and direct navigation paths to the most important pages. This enhancement improves discoverability, enables quick finding of relevant product features, and boosts efficiency with convenient shortcuts throughout our Control Panel.
Product Line Trials
We've reimagined how our platform is explored. Instead of initiating separate trials for individual features, customers can now dive into a combined trial that encompasses our Network Services, Compute, & Observability product line. This upgrade allows exploration of a wider range of functionalities seamlessly. We've also expanded the Observability trial to include all features available in our packages, adding alerts and Edge Observer to the trial platform. This enhancement enables a more thorough evaluation of our offerings, helping teams better understand and leverage the full capabilities of our platform before committing.
Granular User Access Control
The new Granular User Access Control for Multiple Roles provides the tools needed to manage access confidently and securely. With predefined roles (like Viewer, Editor, Admin) scoped to specific services, support for assigning multiple roles to users, impersonation for debugging and support, and the ability to define custom roles, teams can finally align access with real responsibilities. This feature helps reduce support burden and addresses real-world needs for specialized access patterns—whether managing billing teams, support scenarios, complex enterprise teams, or IT teams with both technical and TLS responsibilities. We're here to make access management as flexible as organizations require.