On the 9th of December 2022, Fastly began investigation into a novel attack vector recently demonstrated in a blog post by security researchers, Claroty’s Team82. It uses JSON functions within SQL injection (SQLi) payloads that may not currently be detected by our NextGen and Legacy WAF products. Since the publication of this new attack vector, our teams have been working to extend detections for Fastly WAF products. Our teams have released a new scoring rule for the Fastly Legacy 2020 WAF that customers may deploy at their convenience.Our team plans to release initial updates for Next Gen WAF Edge deployments, and a new agent version, that address this novel form of SQL injection later today. CloudWAF instances will be updated shortly thereafter. Fastly will not be releasing new rules to address this issue for pre-2020 Legacy WAF. Pre-2020 Legacy WAF customers may contact [email protected] for assistance upgrading to 2020 or Next-Gen WAF options.
We've improved our agent's SQLI detection to address this attack vector.To take advantage of this improved detection you will need to upgrade your agents to version 4.36.1. Our documentation on how to upgrade your agents can be found here: https://docs.fastly.com/signalsciences/upgrading/upgrading-an-agent/ If you are using a Cloud WAF or Edge Deployment, our team is currently upgrading these agents to take advantage of this improved SQLI detection.If you have any questions please reach out [email protected]
Fastly Next Generation WAF Edge deployments have now been updated to extend SQLI detections. No customer action is required to leverage these improvements.
Cloud WAF deployments have now been updated to extend SQLI detections.
IsDown is an uptime monitoring solution for your critical business dependencies. Keep tabs on your SaaS and cloud providers in real-time and never miss another outage again. Get instant alerts and stay informed when an incident impacts your operations.
Start free trialNo credit card required · Cancel anytime · 2362 services available
Integrations with
Quickly identify external outages that impact your business. We are monitoring more than 2300 services in real time.
Your team on top of problems
IsDown aggregates the information from the status pages of all your services, making it easy to monitor the health of all your services in one place. Say goodbye to managing each status page individually - our service simplifies the process.
No more wasting time. Uptime monitoring in real time
Say goodbye to wasting time trying to diagnose issues with your services - our 24/7 monitoring service does the work for you. We'll notify you if there is an incident, so you can focus on other tasks.
Receive alerts in your preferred channels
Our outage monitoring keeps you informed, no matter where you are. Get instant notifications in your email, Slack, Teams, or Discord when an outage is detected, so you can take action quickly.
Easily integrate with your current tools and workflows
Enhance your processes with more information using our integration of Zapier, Webhooks, PagerDuty, and Datadog. Stay notified and in control. Upgrade your operations today.
Avoid notifications clutter
Maximize your control with customizable notifications from each service. Filter by components and severity to only receive the most important updates. Streamline your processes and stay informed with our advanced notification features.
Multiple dashboards, shareable with the world
Create one dashboard for each of your teams/clients/projects and monitor only the services that each uses. Have a dedicated dashboard with custom notification settings. Easily make your dashboard public and share it with the world.
Prepare for scheduled maintenances
Never again be caught off guard by unexpected maintenance from your services. A feed of the next scheduled maintenances is available.
Weekly Digest of the services' outages
Every Monday, you'll receive a weekly summary of what happened the previous week as well as the maintenance schedule for the following week.
The data and notifications you need, in the tools you already use.
DevOps & On-Call Teams
You already monitor your internal systems. What about the external services? Monitor the services your business depends on. Don't waste time looking elsewhere when external outages are the cause of issues.
IT Support Teams
Detect external outages before your clients tell you. Anticipate possible issues and make the necessary arrangements. Having proactive communication, builds trust over clients and prevents flow of support tickets.
5 minute setup,
instant value for your team
Start with a trial account that will allow you to try and monitor up to 40 services for 14 days.
There are 2362 services to choose from and you can start monitoring, and we're adding more every week.
You can get notifications by email, Slack, and Discord. You can also use Zapier or Webhooks to build your workflows.
You'll start getting alerts when we detect outages in your external dependencies! No more wasting time looking in the wrong place!
Try it out! How much time you'll save your team, by having the outages information close to them?