All blog posts
Page 30
Diff at the edge with serverless cloud functions
Requesting the difference between two previously cached files — using just a CDN configuration and a serverless cloud compute function — is a great example of exploiting edge and serverless compute services to make your website more efficient and performant, and lower your bandwidth costs. Read on to learn more.
The QA mindset: designing for reliability
Fastly’s engineering teams are smart and capable — they architect thoughtfully, write elegant code, and work carefully with incredible complexity and scale. So why would they (or anyone) need quality assurance (QA)? In this post, Senior QA Automation Engineer Alice Nodelman examines how the QA mindset works, touching on our approach to QA at Fastly and sharing how you could apply this mindset to your organization.
Security Speaker Series, part 3
We’re pleased to announce the next installment of our Security Speaker Series, which brings together researchers and engineers to share research, tools, and ideas. Join us for drinks, snacks, and a few hours of excellent security discussion on Thursday, Oct. 26 at 6pm PT at Bespoke Central Lounge in downtown San Francisco. Speakers include Alex Bazhaniuk, of Eclypsium, Inc., and Stephen Checkoway, of the University of Illinois.
Building the Fastly WAF
In keeping with our security team’s vision for defending the modern web, we launched our Web Application Firewall (WAF) to help our customers secure their sites and applications while providing reliable online experiences for their users. In this post, two of the engineers who built our WAF will take you on a deep dive into the tech behind it, exploring how we built a performant, highly configurable, and comprehensive solution to secure customers’ infrastructure.
Deliberate practice in information security
Deliberate practice is the act of performing a set of tasks that are just slightly more difficult than what you’re used to, so you can get better at a specific activity and move from a novice to an experienced practitioner. In this post, Security Engineer Sandra Escandor-O’Keefe walks us through the art of deliberate practice, offering tips for novices and mentors alike.
Getting more out of IO with image transformation classes
We’ve worked to ensure the Fastly Image Optimizer is simple, easy to use, and most importantly fully integrated into the platform. In an effort to give you even more control, we've developed image transformation classes to help streamline, secure, and support your image delivery workflow.
Updates to the Fastly control panel
We’ve recently had the opportunity to turn customer feedback into new features for the Fastly control panel. Hear from our lead product designers on the latest changes, including an all services homepage, easier way to customize your VCL, and more.
Reddit on building & scaling r/place
Altitude SF 2017 brought together technical leaders from Reddit, the ACLU, TED, Slack, and more to explore the future of edge delivery, emerging web trends, and the challenges of cloud infrastructure and security. In this post, we’ll share Daniel Ellis’ talk on how Reddit built and scaled r/place, their real-time April Fools’ project.
The problem with patching in addressing IoT vulnerabilities
We need technology to provide capabilities to tackle the challenge of the cybersecurity gaps, recently highlighted by the WannaCry attacks. In this post, Director of Security Research Jose Nazario will explore these challenges as well as share research objectives that industry and academia must address soon before we can begin solving the security issues with IoT.
Getting the most out of Vary with Fastly
You can use the `Vary` response header in creative ways, including A/B testing and internationalization. At the same time, many people still use `Vary` badly or misunderstand what it does; in this post, we’ll provide an expanded guide, including some of the more exotic ways you can get value out of `Vary` in intermediate caches like Fastly.
Failing fast & fixing faster at Vogue
A tale of failure and recovery from Kenton Jacobsen, Director of Engineering at Vogue.com and Glamour.com.
Multi-DRM & Content Preconditioning for OTT Providers | Fastly
In an ongoing effort to help you provide the best streaming experiences for your end users, we’re excited to announce two new features to our OTFP service. Multi-DRM support and content preconditioning enable over the top (OTT) video service providers to protect and efficiently monetize premium video content.
Building Edge: 40 POPs, 15 Tbps Capacity | Fastly
We’re pleased to announce that we’ve added a collection of new POPs to the Fastly global network. Since our last update, we’ve deployed additional US POPs in Chicago, Newark, Ashburn, and Los Angeles, plus a brand-new location in Rio de Janeiro, Brazil. Fastly’s global network now exceeds 15 Tbps of connected internet capacity, and we will continue to scale alongside our rapidly growing customer base.
Introducing batch API for surrogate key purge
Surrogate keys give Fastly customers a unique way to efficiently purge content from cache — batch API for surrogate key purge allows you to purge content even more efficiently by purging multiple surrogate keys at once. Read on to learn how to best take advantage.
Technical trainings & the future of edge delivery at Altitude
Altitude SF 2017 featured hands-on trainings and talks from industry leaders like Reddit, the ACLU, Slack, TED, and more. We explored the future of edge delivery, heard about emerging trends in cloud infrastructure and DevOps, and tackled complex problems in cloud security. Read on for our recap of the event (plus slides, videos, and photos).
Migrating MySQL Stats to Bigtable with no downtime | Fastly
In an effort to move forward from early architecture that we were quickly outgrowing, we recently migrated our Historical Stats database from self-managed MySQL to Google Cloud Bigtable. Read on to learn how we did it (without any downtime).
HashiCorp on recovering from failures
Altitude NYC featured war stories from Fastly customers like Vogue, Spotify, and HashiCorp. Read on for our recap of Seth Vargo’s talk, where he discussed how HashiCorp was able to quickly recover from an outage (which included an alarming “purge all” moment).
Optimizing HTTP/2 server push with Fastly
Since we made HTTP/2 generally available in November 2016, h2 traffic has been steadily growing as more customers migrate to the new version of the protocol; since the beginning of 2017, h2 traffic has increased by over 400% and h2 requests now make up more than 25% of the total requests on Fastly’s network. HTTP/2 has numerous practical implications, but in this post we’ll focus on server push, which can save on round trip request time. Here’s how you can get the most out of server push with Fastly.
How to bootstrap self-service continuous fuzzing
OSS-Fuzz is an innovative project that is both advancing the state of the art in OSS security engineering and immediately improving the overall quality of the software that serves the internet. In this blog post, I’ll describe how to use the open source components of google/oss-fuzz to bootstrap self-service continuous fuzzing for both private and public software using h2o, Fastly’s HTTP/2 proxy, as a running example.
New York Media on surviving DDoS and building a better web
At Altitude 2016, New York Media’s CTO discussed surviving a massive DDoS and the steps they took to mitigate, gave us a peek inside their stack, and described how New York Media is building a better web, working towards creating a symbiotic relationship between readers, publishers, and advertisers to ensure great experiences for everyone.
