Blog

Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works.

We’re sharing our latest data and new insights into the Log4j/Log4Shell vulnerability (CVE-2021-44228 + CVE-2021-45046) in this post in order to help the engineering community cope with the…

CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.

The web’s infrastructure — and the applications we build on it — must constantly evolve to meet the ever-transforming expectations of modern and future end users. We’ve gathered five lessons…

In this post, we’ll show how you can use information from an origin response to add an abuse IP address to our penalty box. We've been touting the promise of security at the edge, and this…

A couple of weeks ago Cloudflare, one of our competitors, claimed that their edge compute platform is roughly three times as fast as Compute@Edge. The false claim is a great example of how…

We analyzed traffic from Thanksgiving Thursday to Cyber Monday in order to understand the traffic, buying, and security trends of ecommerce's big week.

To create more secure and resilient web experiences, we must design, build, and execute applications with security top of mind, and consider how the lessons of the past 30 years inform how…

The key to customer retention is serving the most up-to-date content instantly, personalizing that content for readers, and ensuring online experiences are responsive, safe, and secure. Here…

Many websites today are really applications, and we should be building them as such. To do that, we need application architectures and networks that are capable of supporting fast, secure…

As we look back to celebrate the 30th anniversary of the website, it’s also worth thinking about the next 30 years. There are a couple of areas where we — as engineers, developers, and…

In this video from Web Summit 2021, we discuss how you build and ensure your company culture when you have some team members in person and some at home.