Security

Page 7

Future of web app/API security: Dept. of Know Live! | Fastly

Margaret Arakawa

Every Thursday in March, we hosted industry thought leaders on “The Dept. of Know Live!” Web Series to chat about trends in web app and API security. Read on to learn more about our takeaways from the series, how it resonated with our audience, and where we go from here.

Industry insights
Security

Threat hunting network callbacks in WAF data

Fastly Security Research Team, Xavier Stevens

Threat hunting is the practice of looking for active attackers who have possibly penetrated security boundaries within an organization. WAF data can be a valuable resource in threat hunting for network callbacks. Here’s how.

Security

Deadlock bugs: circular waits of torment | Fastly

Kelly Shortridge

This post will illuminate how deadlock bugs emerge, some facets of their fascinating and frustrating strangeness, and guidance on how to handle them in your own systems.

Security

Join Fastly Security Labs: Try New WAF Features | Fastly

Daniel Corbett

Today, we’re happy to announce the launch of Fastly Security Labs, a new program that empowers customers to continuously innovate by being the first to test new detection and security features — ultimately shaping the future of security.

Security

Dept. of Know Live: Tips for asset management | Fastly

Daniel Miessler

Founder of Unsupervised Learning Daniel Miessler joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why we can’t ignore asset management’s role in security. In this blog post, Daniel shares highlights from the conversation.

Security

Introducing GraphQL Inspection for the Fastly Next-Gen WAF

James Nguyen

GraphQL is fast gaining popularity, and we’re excited to announce that we now support GraphQL Inspection in our Fastly Next-Gen WAF (powered by Signal Sciences).

Security

Spring: CVE-2022-22963 & Spring4Shell (CVE-2022-22965) | Fastly

Fastly Security Research Team, Xavier Stevens, + 1 more

In this post, we review details for two RCE vulnerabilities impacting Spring Cloud and Spring Framework, including how Fastly customers can protect themselves from this vulnerability.

Security

Dept. of Know Live: Ellen Körbes on developer experience. | Fastly

Ellen Körbes

Ellen Körbes, Senior Product Line Manager at VMware Tanzu Kubernetes, joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how security falls short of developer expectations. In this blog post, Ellen shares highlights from the conversation.

Security

Fastly's Next-Gen WAF now works with Arm at scale | Fastly

James Nguyen

The Fastly Next-Gen WAF is now the only WAF on the market to be Arm compatible at scale in any environment, allowing you to deploy our security solution in environments using Arm-based processors on NGINX-native web servers — or anywhere else you host your apps and APIs.

Security

Fastly named Customers' Choice for Web App and API Protection four years in a row | Fastly

Sean Leach

With this year’s achievement, we are the only vendor to be named a Customers’ Choice in the Gartner Peer Insights™ “Voice of the Customer” Web Application and API Protection report for four years in a row with an average rating of 4.9 out of 5.0 stars.

Product
Security

Dept. of Know Live: Omar on building secure apps the easy way | Fastly

Omar

Betterment Staff Security Engineer Omar joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about why building more modern applications means building secure ones, and how we can get there. In this blog post, Omar shares highlights from the conversation.

Security

Dept. of Know Live: Sounil Yu on DIE security model | Fastly

Sounil Yu

JupiterOne CISO and Head of Research Sounil Yu joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about how to make security an enabler of innovation. In this blog post, Sounil shares highlights from the conversation.

Security

Defense-in-Depth Security for Web Apps | Fastly

Matt Torrisi

While there’s no magic answer to stop all cyberattacks, there are a number of principles used in a defense-in-depth strategy that can be put in place ahead of a possible attack to limit its impact.

Security

Dept. of Know Live! 4 highlights from Rinki Sethi's chat on modern security | Fastly

Rinki Sethi

Former Twitter CISO Rinki Sethi joined hosts Kelly Shortridge and Bea Hughes on The Dept. of Know Live! to chat about what success in modern security means. In this blog post, Rinki shares four highlights from the conversation.

Security

Custom response codes for Fastly WAF | Fastly

Blake Dournaee

With the introduction of custom response codes, our edge cloud network can now pick up response codes from the Fastly Next-Gen WAF and take custom action at the edge — without the need to create advanced rules. That means more customized, more efficient security for our customers.

Security
Compute

The Dept. of Know Live! web app & API sec. speaker series | Fastly

Christina Nguyen

The Dept. of Know Live! is a virtual speaker series designed to make you think differently about web app and API security. Each episode in March will feature a different guest for a 15-minute interview on some of the hottest topics in security today, followed by a live Q&A. Here’s what to expect.

Security

With the launch of edge deployment, the Fastly Next-Gen WAF is first in the industry to offer a fully unified web app and API security solution

Sean Leach

The Fastly Next-Gen WAF (powered by Signal Sciences) protects apps wherever they live: on-premises, in containers, in the cloud, and — as of today — at the edge. This makes it the industry’s first and only unified WAF.

Security

Inside Fastly: a look at our vulnerability remediation process

Sandra Escandor-O’Keefe

In this post, we present a look at our vulnerability remediation and engineering team and how they were able to roll out a recent fix for a QUIC/H2O vulnerability in under two weeks.

Engineering
Security

Open redirects: abuse & recs [Ex.] | Fastly

Fastly Security Research Team

Open URL redirection is a class of web app security problems that make it easier for attackers to direct users to malicious resources. Here are some examples of how they do it and what you can do to prevent it.

Security

How to Secure your GraphQL

Fastly Security Research Team, Simran Khalsa

There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and controls can support a safer GraphQL implementation.

Engineering
Security