Call usTry Fastly free

Security blog

Security blogSecurity advisoriesReport a security issueSecurity documentation
June 17

The legacy WAF: 4 ways this antiquated technology fails to protect your apps

The legacy WAF isn’t ubiquitous because it’s the perfect technology. Its success comes down to being mandated, despite three ways it often fails.

June 16

Suggestive signals: how to tell good bot traffic from bad

While some bots are benign search engine crawlers or website health monitors, others are on the prowl with nefarious intent, looking to execute account takeovers and compromise APIs. In this…

June 7

How we vetted Cranelift for secure sandboxing in Compute@Edge

Alongside the Bytecode Alliance, Fastly’s WebAssembly team recently led a rigorous security assessment of Cranelift, an open-source, next-generation code generator for use in WebAssembly to…

May 24

Answers to your top Kubernetes security questions

As Kubernetes has become widespread for container orchestration needs, it’s natural for security questions to arise. Here are answers to the Kubernetes questions we hear most often.

May 21

Defense in depth: stopping a Wasm compiler bug before it became a problem

We recently discovered a compiler bug in part of the WebAssembly compiler that we use for Compute@Edge, that could have allowed a WebAssembly module to access memory outside of its sandboxed…

May 5

More is less: stop adding to your security tool technical debt

Throwing new security tools at new threats results in scattershot protection and builds technical debt. Organizations need uniform protection for applications and APIs, regardless of where…

May 3

API and ATO protection dashboards address a rising security challenge with more visibility

New Fastly next-gen WAF dashboards surface security telemetry from more than 20 new signals for advanced attack scenarios, such as account takeover, credit card validation, and password…

April 16

Fastly and Okta partner to lock down layer 7

Layer 7 is a primary battleground for web application and API security. Fastly and Okta have partnered together to share threat intelligence, so security and development teams can better…

April 12

4 people-centered tips for building a security-minded culture in your engineering org

Explore how leaders from both sides of the aisle have built thriving secure DevOps cultures by putting trust in people first.

April 8

You asked, we delivered: Terraform support for TLS is here

Teams can now automate their Fastly TLS workflows through Terraform — including issuing certificates, retrieving TLS details, and performing other updates.

March 30

Fastly (Signal Sciences) is a 2021 Customers’ Choice for Web Application Firewalls for the third time in a row

Fastly (Signal Sciences) has been recognized as a Customers’ Choice for Web Application Firewalls in the 2021 Gartner Peer Insights “Voice of the Customer” report.

March 11

Next-Gen WAF protection for recent Microsoft Exchange vulnerabilities

Fastly’s security research team has built and deployed a rule to protect Signal Sciences Next-Gen WAF customers against the recently announced Microsoft Exchange Server vulnerabilities.

Older posts

Ready to get started?

Get in touch or create an account.

Try Fastly freeTalk to an expert