Security
Page 7
Future of web app/API security: Dept. of Know Live! | Fastly
Every Thursday in March, we hosted industry thought leaders on “The Dept. of Know Live!” Web Series to chat about trends in web app and API security. Read on to learn more about our takeaways from the series, how it resonated with our audience, and where we go from here.
Threat hunting network callbacks in WAF data
Threat hunting is the practice of looking for active attackers who have possibly penetrated security boundaries within an organization. WAF data can be a valuable resource in threat hunting for network callbacks. Here’s how.
Deadlock bugs: circular waits of torment | Fastly
This post will illuminate how deadlock bugs emerge, some facets of their fascinating and frustrating strangeness, and guidance on how to handle them in your own systems.
Join Fastly Security Labs: Try New WAF Features | Fastly
Today, we’re happy to announce the launch of Fastly Security Labs, a new program that empowers customers to continuously innovate by being the first to test new detection and security features — ultimately shaping the future of security.
Dept. of Know Live: Tips for asset management | Fastly
Founder of Unsupervised Learning Daniel Miessler joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why we can’t ignore asset management’s role in security. In this blog post, Daniel shares highlights from the conversation.
Introducing GraphQL Inspection for the Fastly Next-Gen WAF
GraphQL is fast gaining popularity, and we’re excited to announce that we now support GraphQL Inspection in our Fastly Next-Gen WAF (powered by Signal Sciences).
Spring: CVE-2022-22963 & Spring4Shell (CVE-2022-22965) | Fastly
In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability.
Dept. of Know Live: Ellen Körbes on developer experience. | Fastly
Ellen Körbes, Senior Product Line Manager at VMware Tanzu Kubernetes, joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how security falls short of developer expectations. In this blog post, Ellen shares highlights from the conversation.
Fastly's Next-Gen WAF now works with Arm at scale | Fastly
The Fastly Next-Gen WAF is now the only WAF on the market to be Arm compatible at scale in any environment, allowing you to deploy our security solution in environments using Arm-based processors on NGINX-native web servers — or anywhere else you host your apps and APIs.
Fastly named Customers' Choice for Web App and API Protection four years in a row | Fastly
With this year’s achievement, we are the only vendor to be named a Customers’ Choice in the Gartner Peer Insights™ “Voice of the Customer” Web Application and API Protection report for four years in a row with an average rating of 4.9 out of 5.0 stars.
Dept. of Know Live: Omar on building secure apps the easy way | Fastly
Betterment Staff Security Engineer Omar joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why building more modern applications means building secure ones, and how we can get there. In this blog post, Omar shares highlights from the conversation.
Dept. of Know Live: Sounil Yu on DIE security model | Fastly
JupiterOne CISO and Head of Research Sounil Yu joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how to make security an enabler of innovation. In this blog post, Sounil shares highlights from the conversation.
Defense-in-Depth Security for Web Apps | Fastly
While there’s no magic answer to stop all cyberattacks, there are a number of principles used in a defense-in-depth strategy that can be put in place ahead of a possible attack to limit its impact.
Dept. of Know Live! 4 highlights from Rinki Sethi's chat on modern security | Fastly
Former Twitter CISO Rinki Sethi joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about what success in modern security means. In this blog post, Rinki shares four highlights from the conversation.
Custom response codes for Fastly WAF | Fastly
With the introduction of custom response codes, our edge cloud network can now pick up response codes from the Fastly Next-Gen WAF and take custom action at the edge — without the need to create advanced rules. That means more customized, more efficient security for our customers.
The Dept. of Know Live! web app & API sec. speaker series | Fastly
The Dept. of Know Live! is a virtual speaker series designed to make you think differently about web app and API security. Each episode in March will feature a different guest for a 15-minute interview on some of the hottest topics in security today, followed by a live Q&A. Here’s what to expect.
With the launch of edge deployment, the Fastly Next-Gen WAF is first in the industry to offer a fully unified web app and API security solution
The Fastly Next-Gen WAF (powered by Signal Sciences) protects apps wherever they live: on-premises, in containers, in the cloud, and — as of today — at the edge. This makes it the industry’s first and only unified WAF.
Inside Fastly: a look at our vulnerability remediation process
In this post, we present a look at our vulnerability remediation and engineering team and how they were able to roll out a recent fix for a QUIC/H2O vulnerability in under two weeks.
Open redirects: abuse & recs [Ex.] | Fastly
Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you can do to prevent it.
How to Secure your GraphQL
There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and controls can support a safer GraphQL implementation.
