Back to blog

Follow and Subscribe

All blog posts

Page 29 of 48

  • Why “by developers, for developers” matters

    Joshua Bixby

    Developer-centricity is now a mission-critical philosophy for companies to embrace. And during COVID-19, we all know that the stakes have never been higher. We’ve seen that businesses that operate with a dev-first mindset at their core will have the strategic advantage and will only increase it, today and into the future.

    Culture
    WebAssembly

  • Fastly Security Advisory: Cache Poisoning Vulnerability Leveraging X-Forwarded-Host Header

    Fastly Security Research Team, The Fastly Security Technical Account Management Team

    Fastly was notified of the issue on May 21, 2020 13:30 UTC. Fastly immediately launched an investigation, identifying which origin servers responded with a test port number in the redirect response, in order to understand the vulnerability and possible solutions. After the investigation, Fastly first notified potentially affected customers on July 15, 2020 at 04:30 UTC. The vulnerability is a variant of a [previously reported vulnerability](https://www.fastly.com/security-advisories/cache-poisoning-leveraging-various-x-headers), and ultimately the result of constructing cacheable origin responses based on user-defined data. The issue occurs when an attacker issues an HTTPS request and specifies within the Host header a port number that is not actually being used for any services. It is possible to cache a resource in such a way as to deny future requests from being serviced properly.

    Security

  • Cloud Security for Developers

    Stephen Kiel

    If you’re evaluating web application security tools exclusively for their security requirements, you may be missing one of the most essential opportunities to successfully grow your secure DevOps culture: developer-centricity.

    Security
    DevOps

  • Fastly’s security DNA: a look at our culture of safety, privacy, and trust

    Dana Wolf

    Fastly's heritage of security runs deep — far beyond our portfolio of web application and API security products. Our philosophy of developer empowerment, focus on community, and values-driven culture each contribute to our security DNA in an important way. And we'd like to tell you how.

    Security
    + 2 more

  • Apps That Shouldn’t Be Built at the Edge | Fastly

    Sean Leach

    Progressive developers are increasingly using the edge of the network to power more performant and customized apps. With the use cases mounting, it seems there's very little that can't be built at the edge. And aside from a few exceptions, that just might be true.

    Compute
    Engineering

  • First things first: six resources for building on Fastly

    Jacob Rosenbacher

    If you’re among our newest community members, we’d love to show you more of what Fastly has to offer. Once you’ve covered the basics of our getting started guide, check out the resources in this article to take our programmable edge cloud platform further.

    Product

  • State at the edge

    Peter Bourgon

    With the introduction of Compute, Fastly provides a richer model for the CPU. WebAssembly, powered and secured by the Lucet compiler and runtime, unlocks essentially arbitrary code execution within each request lifecycle. This raises the immediate question: what would a richer model for memory, or state, look like?

    Engineering
    + 2 more

  • The Future of Zero Trust: Continuous Authentication

    The Fastly Collective

    Being able to continuously authenticate users’ access to critical web and API services without causing them to pay the price of increased friction may sound like a lofty goal. Still, it can be achieved by integrating technologies you likely already have. Combining technologies built to continuously monitor applications and APIs for attacks and anomalous behavior with identity technologies already deployed to authenticate users allows administrators to protect their critical applications without inconveniencing the user.

  • What is Cache Control?

    Mark Nottingham

    The Cache-Control response header is one of HTTP’s more widely known header fields; it allows a site to control how caches handle their data in CDNs, browsers, and elsewhere

    Engineering
    Industry insights

  • Leveling up observability with Compute

    MJ Jones

    Observability is hard. Distributed systems, dev and testing environments, and outside vendors all complicate the problem. With Compute, Fastly wants to make observability easier. Here’s what we’re doing.

    Performance
    + 4 more

  • Why Compute does not yet support JavaScript

    Sean Leach

    Building our own compiler toolchain allows Compute to be both performant and secure. It also means we have to bring developers’ most-loved language into the fold in the right way.

    Performance
    + 3 more

  • TLS 1.3 is faster, more robust, and now available

    Sudhir Patamsetti

    TLS 1.3 is now available for Fastly customers. The newest version of the TLS protocol, TLS 1.3 is designed to improve the performance and security of traffic served over HTTPS.

    Security
    Performance

  • Improving HTTP with structured header fields

    Mark Nottingham

    The HTTP community has been busy modernizing the web’s protocol over the last decade, with multiple revisions of the core specification, a number of extensions, HTTP/2, and now HTTP/3. Unfortunately, the way we define and use HTTP header fields hasn’t changed much since the beginning, with underspecified headers (and lots of different ways to handle them) causing interoperability issues, developer pain, and even security problems. But help is coming.

    Industry insights
    Engineering

  • User error logs collected | Fastly

    Hooman Beheshti

    Network error logging reports client-side failures and successes, enabling developers to understand how their sites function in the real world and how they might improve performance. In this post, we’ll explore the NEL framework, how it provides visibility, and ways to collect and process the resulting data.

    Industry insights
    + 2 more

  • Reflecting on our inclusion and diversity journey

    Maurice Wilkins

    There’s been an outpouring of corporate statements supporting Black Lives Matter over the past few weeks— but statements of solidarity don’t matter unless they are backed by action designed to create real change. We’re taking a look back at our diversity and inclusion journey, and the ongoing work we need to do as a company to manifest our aspirations.

    Culture

  • 100 Tbps capacity: scaling for digital demands | Fastly

    Artur Bergman

    The growth of our global network allows us to stand at the ready with our customers, supporting and protecting their innovations at the edge.

    Product
    + 3 more

  • Fastly: Life led by People, Process, and Technology.

    Brian Flood

    Our unique approach to business continuity planning focuses not just on ensuring that our systems remain operations, but also that our processes and people have the backup and support they need. Here’s a template to make it yours.

    Culture

  • Core Web Vitals: Improve Your Website Speed | Fastly

    Mike Perez

    Understand what Core Web Vitals means and how you can improve some of these metrics with a CDN configuration.

    Industry insights

  • Black Lives Matter: We are taking a stand.

    Joshua Bixby, Maurice Wilkins, + 2 more

    We have a responsibility to use our platform and our privilege to say that Black Lives Matter — and commit to the work that statement entails.

    Culture

  • Fastly and devs invest in WebAssembly | Fastly

    Pat Hickey

    WebAssembly is helping to lay the foundation for the future of edge computing. And together with the Bytecode Alliance and the developer community at large, we’re investing in new technologies to make WebAssembly easier and more performant.

    WebAssembly
    Compute
© Fastly 2025