Security blog

July 26, 2021
Here are four repeatable steps that will help you pay down your security technical debt, make your apps and APIs more secure, and move you toward consolidated security tooling.
July 22, 2021
As the internet landscape gets more complex, more API driven, and more distributed, many security and IT professionals are left wondering — why aren’t the security tools that were good…
July 12, 2021
We released a new report today in partnership with ESG Research that reveals some fascinating insights into the state of web application security tooling.
June 30, 2021
Requests passing through Fastly can be transformed in many ways. In this example, we’ll show you how to use enriched requests and our next-gen WAF to help you make more informed security…
June 29, 2021
Our new Response Security Service provides direct, 24/7 access to our Customer Security Operations Center to help you prepare for and respond when you suspect an attack.
June 25, 2021
After years of helping protect companies across a variety of industries, we’ve come to recognize four common risk attack types. Here’s how they work and how to counter them.
June 17, 2021
The legacy WAF isn’t ubiquitous because it’s the perfect technology. Its success comes down to being mandated, despite four ways it often fails.
June 16, 2021
While some bots are benign search engine crawlers or website health monitors, others are on the prowl with nefarious intent, looking to execute account takeovers and compromise APIs. In this…
June 7, 2021
Alongside the Bytecode Alliance, Fastly’s WebAssembly team recently led a rigorous security assessment of Cranelift, an open-source, next-generation code generator for use in WebAssembly to…
May 24, 2021
As Kubernetes has become widespread for container orchestration needs, it’s natural for security questions to arise. Here are answers to the Kubernetes questions we hear most often.
May 21, 2021
We recently discovered a compiler bug in part of the WebAssembly compiler that we use for Compute@Edge, that could have allowed a WebAssembly module to access memory outside of its sandboxed…
May 5, 2021
Throwing new security tools at new threats results in scattershot protection and builds technical debt. Organizations need uniform protection for applications and APIs, regardless of where…