Fastly Deploys Industry-Leading Threat Intelligence Capabilities to Publish Network Effect Threat Report

Marshall Erwin, Chief Information Security Officer at Fastly

Fastly, Inc. (NYSE: FSLY), a leader in global edge cloud platforms, has announced the publication of its first threat intelligence report, the “Network Effect Threat Report”.  Featuring data and insights gathered from the company’s proprietary Network Learning Exchange (NLX), the Network Effect Threat Report showcases the industry-leading accuracy of Fastly’s threat intelligence capabilities and the effectiveness of Fastly’s unified security platform.                                                                                                                                                    The security landscape is ever-evolving, with bad actors continually creating new attack vectors. To combat these threats, Fastly’s Next-Gen WAF (NGWAF) uses SmartParse, a proprietary technology that can understand the content and context of attacks. SmartParse is able to quickly and accurately determine if a request will result in a malicious action. Snippets of confirmed malicious traffic are sent to Fastly’s NLX, which then distributes information about offending IP addresses to every Fastly NGWAF customer. This capability enables customers to preemptively block confirmed malicious IPs before a request even reaches their network. The shared threat data fosters a network effect, where the collective intelligence of all customers contributes to stronger security for each organisation.

“By continuously analysing the threat landscape and applying that knowledge to the technology, processes, and mitigations that Fastly offers to its customers, we’re offering valuable insights into the threat landscape and what to do about it,” said Marshall Erwin, Fastly’s newly-appointed Chief Information Security Officer. “We’re leveraging multiple angles to provide actionable intelligence, including our own vulnerability research, strong intelligence partnerships with private/public partners, and data analysis of the activities seen against our customers.

The Network Effect Threat Report., published today, is the first in a planned ongoing series of threat intelligence reports from Fastly. The report captures information and insights based on the unique data from Q2 2023 from across Fastly’s NGWAF customer base and tagged by NLX.

The findings of this report showcase the strength of the NGWAF’s SmartParse decision engine and NLX’s ability to provide preemptive protection across our customer base. The IP threat intelligence in NLX, which powers the NGWAF and the new threat report, are sourced from over 90,000 application and API endpoints and 4.1 trillion requests inspected per month1. Global traffic encompassed diverse industries, including High Technology, Financial Services, Commerce, Education, and Media & Entertainment. Top highlights from the report include:

  • Multi-customer attacks: 69% of IPs tagged by NLX targeted multiple customers, and 64% targeted multiple industries.
  • Targeted Industries: The high tech industry was targeted the most, accounting for 46% of attack traffic tagged by NLX.
  • Trending Techniques: While SQL injection is a popular attack choice (27%), attackers are favouring traversal techniques, which make up nearly one-third (32%) of attacks analysed.

 

“This report directly reflects the benefits of NLX’s network effect for our customers, which ensures they gain immediate awareness of potentially threatening IPs,” said Simran Khalsa, Staff Security Researcher at Fastly. “These attacks are not as targeted or siloed as people might think. The breadth of our customer base and their traffic means we can offer a higher-quality threat feed that allows teams to respond with greater confidence, especially since it’s happening in near real-time.”

The threat intelligence research and product capabilities featured in this report are just a few features of Fastly’s unified security platform. In contrast to legacy and point product solutions, which can create challenges for security professionals that outweigh the protection they offer, Fastly’s unified platform secures organisations through protection at the application layer along with a secure-by-design network layer and serverless edge compute environment. From DDoS and bot management to real-time platform-wide observability and Managed Security Services, Fastly’s platform makes it easy for security professionals to protect their organisations without slowing them down, and for developers to safely innovate without barriers.