Fastly’s massive globally distributed network provides rapid protection against web application vulnerabilities, DDoS, and botnet attacks. Enforce security rules at the edge with real-time insights into suspicious traffic and the ability to update your configuration in milliseconds.
Fastly’s web application firewall protects your applications from malicious attacks designed to compromise web servers. Built on our powerful edge cloud platform, it protects against injection attacks, cross site scripting, HTTP protocol violations, and more. Our WAF is continuously updated to address ongoing threats using multiple rulesets. Rules can be configured in real time via our API, and can run in active blocking mode or passive logging mode only.
Fastly’s high-bandwidth, globally distributed network is built to absorb DDoS attacks. Our entire network acts as a DDoS scrubbing center, so you don’t sacrifice performance for protection. We protect against highly disruptive attacks across our infrastructure and through optimized software. We allow you to respond in real time, filtering malicious requests at the network edge before they get near your origin.
Fastly has partnered with PerimeterX to offer predictive, behavior-based bot detection and mitigation at the network edge, which strengthens protections for your websites, mobile apps, and APIs. We help prevent account takeover, scraping, digital fraud, and complex application-layer attacks. Our joint offering protects both cached and origin content, defending against bot abuse without impacting performance. This solution is easy to install, and can be up and running in a matter of hours.
Protecting customer identities and the integrity of your website requires strong encryption. Fastly supports Transport Layer Security (TLS), the next-generation encryption and authentication protocol, to deliver a secure web experience for your users. TLS connections between Fastly and your origin are encrypted and terminated at our network edge, closer to your end users. We’re optimized to handle heavy volumes of encrypted traffic without impacting performance, providing you with a cost-effective solution that can scale as you grow.
Fastly is a certified PCI DSS Level 1 service provider. The power of our edge cloud platform and fine-grained controls allows us to cache sensitive PCI or HIPAA-related content while maintaining compliance. Legacy CDNs are unable to cache this content and can only route it on separate, sub-optimal networks. Our Assurance Services provide additional support for customers handling data subject to audit requirements.