Fastly Launches Certainly, a Publicly-Trusted TLS Certificate Authority
Introduction
Fastly, the edge cloud platform provider, made an announcement today regarding the general availability of Certainly, its publicly-trusted TLS Certificate Authority. This announcement follows its limited program release in February 2022. Certainly allows Fastly customers to use in-house issued digital certificates to secure websites and API endpoints served by the Fastly Content Delivery Network (CDN). By offering these in-house certificates, Fastly provides a fallback option in case other Certificate Authorities (CAs) experience a failure, enhancing the security of the data flowing to and from web applications and establishing the legitimacy of the domain.
The Importance of Certificate Authorities
Transport Layer Security (TLS) plays a crucial role in securing the HTTPS connection between web servers and web applications using signed certificates issued by Certificate Authorities. These certificates act as proof that the website is authentic and ensure the encryption of data during transmission. However, if a CA loses trust due to failures in following validation procedures or by losing control of encryption keys, the certificates issued by that authority become untrusted. The compromise of such certificates raises serious concerns about the security of the data being transmitted and the legitimacy of the associated domain.
Certainly’s Added Security Measures
Fastly‘s Certainly introduces several security measures to combat these risks. Firstly, the issuance of TLS certificates in-house by Fastly provides an alternative in situations where other CAs experience a failure. Secondly, the Certainly certificates have a significantly shorter validity period of 30 days, compared to the 90-day validity period preferred by industry giant Google. This shorter validity period helps reduce the potential damage caused by compromised certificates. By offering shorter validity periods, Fastly aims to improve security in the certification process, as opposed to Let’s Encrypt, which currently offers certificates valid for 90 days.
The Acquisition of Domainr
In addition to the Certainly announcement, Fastly also announced the acquisition of Domainr, a renowned real-time domain availability API provider. Fastly plans to integrate the API into its services and infrastructure, allowing customers to instantly verify domain availability, monitor critical domains, and identify at-risk domains. This integration aligns with Fastly‘s strategy of providing end-to-end services for TLS and domain name management. With this acquisition, Fastly expands its global web infrastructure, bolstering its capabilities in securing web applications and simplifying the domain management process for its customers.
Enhancing Risk Prevention with Domain Insights
Fastly aims to leverage its new acquisition to enhance its risk prevention capabilities by gaining a unique view of the ecosystem through Domainr’s API. This comprehensive perspective will enable Fastly to anticipate and prevent risks around domains, ensuring enhanced security and improved response time in mitigating threats. Anil Dash, head of Glitch and vice president of developer experience at Fastly, stated, “Just as Fastly‘s security products look at the entire internet as a whole to anticipate and prevent attacks, Domainr’s API and unique view of the ecosystem will enable new ways of preventing risks around domains in the future.”
Editorial – The Fastly Revolution: Empowering Internet Security
The introduction of Certainly and Fastly‘s acquisition of Domainr highlight the company’s commitment to transforming the security landscape of the internet. With the Increasing frequency of cybersecurity threats and the vulnerability of domain certificates, Fastly‘s initiatives address critical pain points of the digital world.
By providing customers with the ability to issue in-house TLS certificates, Fastly introduces a crucial fallback option, reducing reliance on other CAs and mitigating the impact of compromised certificates. This groundbreaking approach to digital certificate management embodies innovation in securing web applications and strengthens the overall trustworthiness of the internet.
Furthermore, the shortened validity period of Certainly certificates reflects Fastly‘s dedication to staying ahead of emerging security trends and responding to industry demands. By adopting a shorter validity period, the company aims to proactively minimize the damage caused by compromised certificates, demonstrating its commitment to user protection.
The acquisition of Domainr further amplifies Fastly‘s value proposition. By integrating this cutting-edge domain availability API into its services, Fastly empowers its customers with real-time insights and a comprehensive understanding of their domain ecosystems. This capability will pave the way for more proactive risk prevention measures, enabling businesses to identify and address potential threats swiftly.
Looking Forward: Fastly‘s Positive Impact on Internet Security
Fastly‘s revolutionary approach to internet security aligns with the evolving threat landscape and industry demands. Its commitment to enhancing digital certificate management and domain availability monitoring is commendable.
As online threats continue to evolve, businesses and individuals need robust solutions to protect their data and secure their web presence. Fastly‘s solutions help bolster trust in online communication channels, reinforcing the integrity of the internet and empowering users to navigate the digital landscape with confidence.
Other industry players should take note of Fastly‘s achievements and seek to emulate its forward-thinking approach to internet security. By collaborating and integrating innovative technologies, we can collectively build a safer digital environment for the benefit of all stakeholders.
Recommendation: Prioritizing Security in the Digital Age
As internet users, we must remain vigilant about our online security and take proactive measures to protect our information. Here are a few recommendations to enhance your digital security:
- Stay informed: Keep yourself updated on the latest security trends, emerging threats, and best practices for online safety.
- Use trusted security solutions: Employ reliable antivirus software, firewalls, and anti-malware tools to safeguard your devices and networks.
- Secure your web applications: Implement secure development practices, regularly update software, and leverage reputable content delivery networks to enhance the security of your web applications.
- Practice strong password hygiene: Use unique, complex passwords for each of your online accounts, and consider using a password manager to assist in managing and generating secure passwords.
- Enable two-factor authentication (2FA): Activate 2FA wherever possible to add an extra layer of security to your online accounts.
- Regularly backup your data: Routinely create backups of your important files and store them in secure locations to mitigate the impact of data loss due to cyber incidents.
By adopting these security practices, individuals and organizations can better protect themselves in the ever-evolving digital landscape.
<< photo by Masood Aslami >>
The image is for illustrative purposes only and does not depict the actual situation.
You might want to read !
- Exploring the Growing Threat: Analyzing the New BlackCat Ransomware Variant’s Utilization of Impacket and RemCom Tools
- Elevating Security: Israel and US Team Up to Invest $4 Million in Critical Infrastructure
- Midnight Deadline: New Mandate Means Cyber Incident Reporting for Federally Insured Credit Unions Must Happen Within 72 Hours
- “Enhanced Security: Google Chrome Introduces Alerts for Auto-Removal of Malicious Browser Extensions”
- Investigating the Potential of ProjectDiscovery: A $25M Investment in Cloud Security Tech
- Unveiling the Cloud Crystal Ball: Qualys’ Threat Forecast and Risk Reduction Tips
- The Importance of Bitsight’s Strategic Partnership Manager in Enhancing External Attack Surface Security
- Building Cyber Fortresses: Analyzing Dubai’s Dual Cybersecurity Strategies
- The Power of the Crowd: Unleashing the Network Effect in Cybersecurity
- ISC2 Records Historic Moment as Community Surpasses Half a Million Strong
- Navigating the Murky Waters: Unraveling SEC’s Ambiguous Cybersecurity Material Rule
- Citrix ADC and Gateways: Lingering Backdoors Despite Patching
- Beware of Scams: FBI Alerts Public About Mobile Beta-Tester Luring Schemes
- The Gulf’s Race for Technological Supremacy: Navigating Risk & Opportunity
- Exploring the Fragilities of PowerShell Gallery: Unveiling the Risks of Supply Chain Attacks
- Why Email Security Standards are Failing: A Critical Examination
