Revenir au blog

Follow and Subscribe

Sécurité

Page 3

  • Dept. of Know Live: Tips for asset management | Fastly

    Daniel Miessler

    Founder of Unsupervised Learning Daniel Miessler joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why we can’t ignore asset management’s role in security. In this blog post, Daniel shares highlights from the conversation.

    Sécurité
  • Introducing GraphQL Inspection for the Fastly Next-Gen WAF

    James Nguyen

    GraphQL is fast gaining popularity, and we’re excited to announce that we now support GraphQL Inspection in our Fastly Next-Gen WAF (powered by Signal Sciences).

    Sécurité
  • Spring: CVE-2022-22963 & Spring4Shell (CVE-2022-22965) | Fastly

    Équipe de recherche en sécurité Fastly, Xavier Stevens, 1 de plus

    In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability.

    Sécurité
  • Dept. of Know Live: Ellen Körbes on developer experience. | Fastly

    Ellen Körbes

    Ellen Körbes, Senior Product Line Manager at VMware Tanzu Kubernetes, joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how security falls short of developer expectations. In this blog post, Ellen shares highlights from the conversation.

    Sécurité
  • Fastly's Next-Gen WAF now works with Arm at scale | Fastly

    James Nguyen

    The Fastly Next-Gen WAF is now the only WAF on the market to be Arm compatible at scale in any environment, allowing you to deploy our security solution in environments using Arm-based processors on NGINX-native web servers — or anywhere else you host your apps and APIs.

    Sécurité
  • Fastly named Customers' Choice for Web App and API Protection four years in a row | Fastly

    Sean Leach

    With this year’s achievement, we are the only vendor to be named a Customers’ Choice in the Gartner Peer Insights™ “Voice of the Customer” Web Application and API Protection report for four years in a row with an average rating of 4.9 out of 5.0 stars.

    Produit
    Sécurité
  • Dept. of Know Live: Omar on building secure apps the easy way | Fastly

    Omar

    Betterment Staff Security Engineer Omar joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why building more modern applications means building secure ones, and how we can get there. In this blog post, Omar shares highlights from the conversation.

    Sécurité
  • Dept. of Know Live: Sounil Yu on DIE security model | Fastly

    Sounil Yu

    JupiterOne CISO and Head of Research Sounil Yu joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how to make security an enabler of innovation. In this blog post, Sounil shares highlights from the conversation.

    Sécurité
  • Defense-in-Depth Security for Web Apps | Fastly

    Matt Torrisi

    While there’s no magic answer to stop all cyberattacks, there are a number of principles used in a defense-in-depth strategy that can be put in place ahead of a possible attack to limit its impact.

    Sécurité
  • Dept. of Know Live! 4 highlights from Rinki Sethi's chat on modern security | Fastly

    Rinki Sethi

    Former Twitter CISO Rinki Sethi joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about what success in modern security means. In this blog post, Rinki shares four highlights from the conversation.

    Sécurité
  • Custom response codes for Fastly WAF | Fastly

    Blake Dournaee

    With the introduction of custom response codes, our edge cloud network can now pick up response codes from the Fastly Next-Gen WAF and take custom action at the edge — without the need to create advanced rules. That means more customized, more efficient security for our customers.

    Sécurité
    Compute
  • The Dept. of Know Live! web app & API sec. speaker series | Fastly

    Christina Nguyen

    The Dept. of Know Live! is a virtual speaker series designed to make you think differently about web app and API security. Each episode in March will feature a different guest for a 15-minute interview on some of the hottest topics in security today, followed by a live Q&A. Here’s what to expect.

    Sécurité
  • With the launch of edge deployment, the Fastly Next-Gen WAF is first in the industry to offer a fully unified web app and API security solution

    Sean Leach

    The Fastly Next-Gen WAF (powered by Signal Sciences) protects apps wherever they live: on-premises, in containers, in the cloud, and — as of today — at the edge. This makes it the industry’s first and only unified WAF.

    Sécurité
  • Inside Fastly: a look at our vulnerability remediation process

    Sandra Escandor-O’Keefe

    In this post, we present a look at our vulnerability remediation and engineering team and how they were able to roll out a recent fix for a QUIC/H2O vulnerability in under two weeks.

    Engineering
    Sécurité
  • Open redirects: abuse & recs [Ex.] | Fastly

    Équipe de recherche en sécurité Fastly

    Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you can do to prevent it.

    Sécurité
  • How to Secure your GraphQL

    Équipe de recherche en sécurité Fastly, Simran Khalsa

    There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and controls can support a safer GraphQL implementation.

    Engineering
    Sécurité
  • Fastly's 2021 in Review

    David Belson

    In this post, we’ll take a look back at the past year through the eyes of our edge cloud network to explore what we saw across new protocol adoption, security initiatives, network growth, and more.

    Informations sur le secteur
    4 de plus
  • WAF framework measures WAF effectiveness | Fastly

    Équipe de recherche en sécurité Fastly, Simran Khalsa, 1 de plus

    Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works.

    Engineering
    Sécurité
  • Log4Shell attacks (CVE-2021-44228) insights | Fastly

    Équipe de recherche en sécurité Fastly, Xavier Stevens, 1 de plus

    We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the situation. We also share our guidance around testing your environment against many of the new obfuscation methods that have been seen.

    Informations sur le secteur
    Sécurité
  • Log4Shell exploit found in Log4j | Fastly

    Équipe de recherche en sécurité Fastly, Xavier Stevens, 1 de plus

    CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.

    Sécurité
    Engineering