Call usTry Fastly free

Security blog

Security blogSecurity advisoriesReport a security issueSecurity documentation
July 12

New research shows security tooling is at a tipping point

We released a new report today in partnership with ESG Research that reveals some fascinating insights into the state of web application security tooling.

June 30

How to use request enrichment with our next-gen WAF to help identify compromised user information

Requests passing through Fastly can be transformed in many ways. In this example, we’ll show you how to use enriched requests and our next-gen WAF to help you make more informed security…

June 29

Introducing Response Security Service: expand your team for faster response times, better readiness, and increased expertise

Our new Response Security Service provides direct, 24/7 access to our Customer Security Operations Center to help you prepare for and respond when you suspect an attack.

June 25

How to recognize and repel four high-risk attack types

After years of helping protect companies across a variety of industries, we’ve come to recognize four common risk attack types. Here’s how they work and how to counter them.

June 17

The legacy WAF: 4 ways this antiquated technology fails to protect your apps

The legacy WAF isn’t ubiquitous because it’s the perfect technology. Its success comes down to being mandated, despite four ways it often fails.

June 16

Suggestive signals: how to tell good bot traffic from bad

While some bots are benign search engine crawlers or website health monitors, others are on the prowl with nefarious intent, looking to execute account takeovers and compromise APIs. In this…

June 7

How we vetted Cranelift for secure sandboxing in Compute@Edge

Alongside the Bytecode Alliance, Fastly’s WebAssembly team recently led a rigorous security assessment of Cranelift, an open-source, next-generation code generator for use in WebAssembly to…

May 24

Answers to your top Kubernetes security questions

As Kubernetes has become widespread for container orchestration needs, it’s natural for security questions to arise. Here are answers to the Kubernetes questions we hear most often.

May 21

Defense in depth: stopping a Wasm compiler bug before it became a problem

We recently discovered a compiler bug in part of the WebAssembly compiler that we use for Compute@Edge, that could have allowed a WebAssembly module to access memory outside of its sandboxed…

May 5

More is less: stop adding to your security tool technical debt

Throwing new security tools at new threats results in scattershot protection and builds technical debt. Organizations need uniform protection for applications and APIs, regardless of where…

May 3

API and ATO protection dashboards address a rising security challenge with more visibility

New Fastly next-gen WAF dashboards surface security telemetry from more than 20 new signals for advanced attack scenarios, such as account takeover, credit card validation, and password…

April 16

Fastly and Okta partner to lock down layer 7

Layer 7 is a primary battleground for web application and API security. Fastly and Okta have partnered together to share threat intelligence, so security and development teams can better…

Newer postsOlder posts