We are continuously working to improve and expand our platform capabilities, products and services. See below for the latest product releases.
Subscriber-Provided Prefix API GA
The Subscriber-Provided Prefix (SPP) API provides self-service access for SPP customers to create, delete, or update IP configurations, including supported protocols, TLS versions, and customizable FQDNs on Fastly.
Compute Config Stores Available for Purchase
Developers love Config Stores because they enable fast decision-making at the edge. Config Stores can be shared between services, reducing management overhead for large numbers of services, and updated via API and UI, updating global business logic without recompiling and redeploying Compute code. With this update, customers can expand their usage on a Pay As You Go basis and purchase additional Config Stores as needed.
Log Tailing UI GA
The Log Tailing UI allows developers to view their logs while testing their applications on Fastly’s Compute platform. This tool enables developers to easily monitor their edge application’s stdout and stderr outputs in real-time. This helps them to quickly identify and resolve any issues without having to set up and pay for additional third-party log management services.
Next-Gen WAF Simplified Attack Signal Thresholds GA
Threshold blocking is a key Next-Gen WAF differentiator that allows customers to reach blocking mode faster, and we’ve just made it much easier to use. This update adds a new interface accessible from the “Site Settings” to adjust attack signal thresholds quickly and get into instant blocking mode.
Next-Gen WAF Agent Improvements GA
We are pleased to announce the general availability of Agent Auto-Updates and Hashicorp Vault Integration. Agent Auto-Update GA allows customers to opt into automatic updates when new versions are available. With this GA release, we have also added Azure App Services to the list of environments where auto-update is possible. Hashicorp Vault Integration GA allows customers to manage their keys outside of the NGWAF Console and rotate license keys in case keys are compromised. Managing keys via Hashicorp Vault allows for keys to be directly imported into Agents from the vault without providing key visibility to any personnel.
Next-Gen WAF Simulator GA
The Next-Gen WAF Simulator allows customers to pass sample requests and responses to help with debugging and testing rule creation logic and redaction functionality. The Simulator helps customers identify whether requests would be blocked or allowed and shows what the Next-Gen WAF would return as response codes for those requests, as well as the signals that would be added.
Next-Gen WAF Out-of-Band Anomaly Signal GA
We have introduced an anomaly signal (OOB-DOMAIN) that allows you to detect when known out-of-band domains are observed within a client request. Out-of-Band domains are generally used during penetration testing to identify vulnerabilities in which network access is allowed. Want to learn more? For full descriptions of this and all other system signals, check out our system signals documentation.
Next-Gen WAF Virtual Patches
- New Virtual Patch for CVE-2023-38218: Insecure direct object reference (IDOR) vulnerability found in Adobe Commerce and Magento Open Source.
- New Virtual Patch for CVE-2023-50164: Directory traversal vulnerability within file uploads in Apache Struts.
New Fastly Control Panel
The Fastly customer interface has been revamped to make it easier than ever for customers to interact with the Fastly platform. This update massively simplifies how you spin up new services, find the information you need, and collaborate with your team, resulting in better experiences for your users. If you’re not using Fastly yet, this is a great time to sign up for a free account! Start running up to two domains (for free!) and see just how easy we’ve made it.