Fastly Blog (Security)

Keep trusted automation running while blocking malicious bots. Learn how precise WAF controls reduce false positives without weakening security.

When third-party services fail, your website — and revenue — can fail with them. Learn how to uncover hidden dependencies and use edge proxying to maintain uptime, performance, and control during outages.

Learn how sophisticated Layer 7 and network DDoS attacks evolved in December 2025, including the year’s largest attack and mitigation strategies.

Streamline user experiences and fight bots with Fastly's new embedded challenges for Bot Management.

Fastly's new security packages make layered application security easier to buy, use, and grow. Protect your apps with predictable pricing.

Bots now drive nearly a third of web traffic. Learn how AI crawlers and headless bots are reshaping security, performance, and business decisions.

An IDC study reveals that modern AppSec programs achieve 3X better business outcomes and are almost 2X less likely to experience a data breach.

Learn how Fastly's API Discovery and new Inventory feature unlock API resilience for platform engineers by embracing chaos and strategic, thoughtful planning.

In the wake of the critical severity React2Shell CVEs, two new CVEs exploiting similar Next.js and React components were announced on December 11. Learn more about these new CVEs.

DDoS attackers were largely absent on Black Friday 2025. Fastly’s latest report reveals why, and what the shifting attack patterns mean for your apps and APIs.

Black Friday isn’t the traffic spike it used to be. Fastly’s data shows holiday demand now stretches across all of November. Here’s what Cyber 5 2025 really looked like.

Fastly is seeing sustained React2Shell attacks across all industries and regions. Learn what’s happening and the critical steps enterprises should take to patch vulnerable apps.

Protect your apps from the critical React RCE bugs (CVE-2025-55182/66478). Fastly's NGWAF Virtual Patch provides proactive defense.

Learn how Fastly's Adaptive Threat Engine update for DDoS Protection boosts mitigation accuracy and reduces Mean Time to Mitigation by 72% for the holidays.

Cloud outages are a stark reminder of our digital economy's fragility. Learn how Fastly mitigated a major traffic failover and concurrent DDoS attacks with zero disruption.

Wikipedia cracks down on AI scraping, citing server strain and lost traffic. See why publishers are fighting back and turning to bot management.

The 2025 OWASP Top 10 list is here! Discover what changed, the two new categories, and how to secure your applications against emerging threats.

Make world-class protection accessible. Fastly’s new Managed Security Professional delivers 24/7 expert defense for your most critical apps and APIs.

Discover, monitor, and secure your APIs with Fastly API Discovery. Get instant visibility, cut the noise, and keep your APIs secure and compliant.

Avoid costly app and API security mistakes. Learn how to streamline WAF evaluation, estimate TCO, and embrace agile development for optimal security.