Fastly Deploys Industry-Leading Threat Intelligence Capabilities to Publish Network Effect Threat Report
- None.
- None.
- Fastly’s security platform provides preemptive protection and convenience to security customers, featuring real-time IP reputation intelligence
- Report insights cover a variety of industries, attack patterns, and trending techniques
The security landscape is ever-evolving, with bad actors continually creating new attack vectors. To combat these threats, Fastly’s Next-Gen WAF (NGWAF) uses SmartParse, a proprietary technology that can understand the content and context of attacks. SmartParse is able to quickly and accurately determine if a request will result in a malicious action. Snippets of confirmed malicious traffic are sent to Fastly’s NLX, which then distributes information about offending IP addresses to every Fastly NGWAF customer. This capability enables customers to preemptively block confirmed malicious IPs before a request even reaches their network. The shared threat data fosters a network effect, where the collective intelligence of all customers contributes to stronger security for each organization.
“By continuously analyzing the threat landscape and applying that knowledge to the technology, processes, and mitigations that Fastly offers to its customers, we’re offering valuable insights into the threat landscape and what to do about it,” said Marshall Erwin, Fastly’s newly-appointed Chief Information Security Officer. “We’re leveraging multiple angles to provide actionable intelligence, including our own vulnerability research, strong intelligence partnerships with private/public partners, and data analysis of the activities seen against our customers.”
The Network Effect Threat Report, published today, is the first in a planned ongoing series of threat intelligence reports from Fastly. The report captures information and insights based on the unique data from Q2 2023 from across Fastly’s NGWAF customer base and tagged by NLX.
The findings of this report showcase the strength of the NGWAF’s SmartParse decision engine and NLX’s ability to provide preemptive protection across our customer base. The IP threat intelligence in NLX, which powers the NGWAF and the new threat report, are sourced from over 90,000 application and API endpoints and 4.1 trillion requests inspected per month1. Global traffic encompassed diverse industries, including High Technology, Financial Services, Commerce, Education, and Media & Entertainment. Top highlights from the report include:
-
Multi-customer attacks:
69% of IPs tagged by NLX targeted multiple customers, and64% targeted multiple industries. -
Targeted Industries: The High Tech industry was targeted the most, accounting for
46% of attack traffic tagged by NLX. -
Trending Techniques: While SQL injection is a popular attack choice (
27% ), attackers are favoring traversal techniques, which make up nearly one-third (32% ) of attacks analyzed.
“This report directly reflects the benefits of NLX’s network effect for our customers, which ensures they gain immediate awareness of potentially threatening IPs,” said Simran Khalsa, Staff Security Researcher at Fastly. “These attacks are not as targeted or siloed as people might think. The breadth of our customer base and their traffic means we can offer a higher-quality threat feed that allows teams to respond with greater confidence, especially since it’s happening in near real-time.”
The threat intelligence research and product capabilities featured in this report are just a few features of Fastly’s unified security platform. In contrast to legacy and point product solutions, which can create challenges for security professionals that outweigh the protection they offer, Fastly’s unified platform secures organizations through protection at the application layer along with a secure-by-design network layer and serverless edge compute environment. From DDoS and bot management to real-time platform-wide observability and Managed Security Services, Fastly’s platform makes it easy for security professionals to protect their organizations without slowing them down, and for developers to safely innovate without barriers.
Fastly’s threat intelligence capabilities and unified security platform will be showcased at Black Hat, August 9-10, in
____________________
1 6 month trailing average as of June 30, 2023
About Fastly
Fastly’s powerful and programmable edge cloud platform helps the world’s top brands deliver the fastest online experiences possible, while improving site performance, enhancing security, and empowering innovation at global scale. With world-class support that achieves
Source: Fastly, Inc.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230804465023/en/
Media Contact:
press@fastly.com
Investor Contact:
Vernon Essi, Jr.
ir@fastly.com
Source: Fastly, Inc.
FAQ
What is the name of Fastly's threat intelligence report?
What technology does Fastly's Next-Gen WAF use to combat threats?