All blog posts
Learn More About Fastly's Origin Inspector
Dom Fee
Origin Inspector enables granular visibility of egress traffic received from your origins by our edge cloud, allowing you to effortlessly report — in real time — every origin response, byte, status code, and more.
Request enrichment helps identify user data
Brooks Cunningham
Requests passing through Fastly can be transformed in many ways. In this example, we’ll show you how to use enriched requests and our next-gen WAF to help you make more informed security decisions.
Introducing Response Security Service
Kevin Rollinson
Our new Response Security Service provides direct, 24/7 access to our Customer Security Operations Center to help you prepare for and respond when you suspect an attack.
How to recognize and repel four high-risk attack types
Brendon Macaraeg
After years of helping protect companies across a variety of industries, we’ve come to recognize four common risk attack types. Here’s how they work and how to counter them.
Endless OS Foundation Bridges Digital Divide
Hannah Aubry
The Endless OS Foundation saw a big spike in traffic at the onset of the COVID-19 pandemic. But thanks to modern CDN features like soft purge, TTL, and segmented caching, they’re able to continue bridging the digital divide.
How to test site speed optimizations with Compute
Leon Brocard
In this post, we show how to test site speed modifications before implementing them using Compute and WebPageTest, a web performance tool that uses real browsers, to compare web performance between the original and transformed page versions.
4 Ways Legacy WAF Fails to Protect Your Apps
Liz Hurder
The legacy WAF isn’t ubiquitous because it’s the perfect technology. Its success comes down to being mandated, despite four ways it often fails.
Suggestive signals: how to tell good bot traffic from bad
Brendon Macaraeg
While some bots are benign search engine crawlers or website health monitors, others are on the prowl with nefarious intent, looking to execute account takeovers and compromise APIs. In this post, we’ll look at how to tell them apart in order to allow the good bots and block the bad ones.
Summary of June 8 outage
Nick Rockwell
We experienced a global outage due to an undiscovered software bug that surfaced on June 8 when it was triggered by a valid customer configuration change. Here's a rundown of what happened, why, and what we're doing about it.
Cranelift vetted for secure sandboxing in Compute@Edge
Pat Hickey, Chris Fallin, + 1 more
Alongside the Bytecode Alliance, Fastly’s WebAssembly team recently led a rigorous security assessment of Cranelift, an open-source, next-generation code generator for use in WebAssembly to provide sandbox security functionality.
Minimizing ossification risk is everyone’s responsibility
Mark Nottingham
Building protocols in a way that anticipates future change in order to prevent ossification is critical. Because it’s impossible to upgrade everyone on the internet at the same time, it needs to be possible to introduce changes gradually, without harming communication where only one party understands the change — and this is everyone’s responsibility.
QUIC is now RFC 9000
Jana Iyengar
QUIC version 1 is officially formalized, and QUIC deployments will now move away from using temporary draft versions to the newly minted version 1.
AAPI Heritage Month: Asian Tech Experiences
Stephanie Schoch
As part of May’s Asian American and Pacific Islander (AAPI) Heritage Month, we hosted a panel of Asian leaders from tech organizations that reflected on ways their cultural backgrounds impacted their career journeys and ascent into leadership roles.
Building on top of OAuth at the edge
Dora Militaru, Andrew Betts
Authentication is one of the most obvious uses for edge computing. Understanding who your users are as early and as close as possible to their location yields powerful customizations and speedy responses. But there's more than one way to think about how to apply an authentication scheme at the edge.
Answers to your top Kubernetes security questions
Brendon Macaraeg
As Kubernetes has become widespread for container orchestration needs, it’s natural for security questions to arise. Here are answers to the Kubernetes questions we hear most often.
Prevent Wasm Compiler Bugs Early
iximeow, Chris Fallin
We recently discovered a compiler bug in part of the WebAssembly compiler that we use for Compute@Edge that could have allowed a WebAssembly module to access memory outside of its sandboxed heap. But because of the people, processes, and tools we have in place, the bug was caught and patched on our infrastructure before it was exploited.
Memory flaw in Cranelift module
Fastly Security Research Team
The bug identified in the Cranelift x64 backend performs a sign-extend instead of a zero-extend on a value loaded from the stack, when the register allocator reloads a spilled integer value narrower than 64 bits. This interacts poorly with another optimization: the instruction selector elides a 32-to-64-bit zero-extend operator when we know that an instruction producing a 32-bit value actually zeros the upper 32 bits of its destination register. Hence, the x64 compiler relies on these zeroed bits, but the type of the value is still i32, and the spill/reload reconstitutes those bits as the sign extension of the i32’s MSB.
PayPal: secure payments at the edge
Lindsay Morris
Online payments giant PayPal uses Fastly’s edge platform to deliver a more secure, faster, and more reliable user experience at a time when digital payments are surging.
Saving time and reducing rework with DRY code
Deanna Barshop
Following the DRY principle isn’t just for engineers. It also cuts the time it takes to make updates in multiple places and reduces errors for our documentation team.
Why Fastly Changed its Control Panel Design
Jennifer Fleming
Over the past few months, we’ve rolled out a series of design improvements focused on text readability, easing eye-strain, and providing a seamless brand experience.