Staff Engineer at a retailer with 1,001-5,000 employees
Real User
Top 5
2025-08-01T15:32:18Z
Aug 1, 2025
We do use it, but the UI can be improved as we mostly work through the CI/CD. It provides support, but sometimes it is hard to navigate unless you are very familiar with it.
The areas that could be improved in Signal Sciences include the effectiveness of rules, as many didn't function optimally and required custom rule-writing to address bypasses for WAF. Additionally, the agent-based approach presents challenges with managing agents across versions and dependencies on specific application platforms like Apache or NGINX, leading to compatibility issues and complexity in integration. This agent-based system proved particularly difficult to manage.
There are some lags in Signal Sciences for the web application firewalls. Even if we create some custom rules, Signal Sciences cannot capture some of the malicious traffic. There is a little bit of complexity with custom rules that should be removed. Signal Sciences should add a feature called rate limiting with multiple options, wherein I can create a rate limiting based on the cookie request or the IP.
Learn what your peers think about The Fastly Next-Gen WAF (powered by Signal Sciences). Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
The Fastly Next-Gen WAF (powered by Signal Sciences) provides web application and API protection, RASP, rate limiting, bot protection and DDoS purpose built to eliminate the challenges of legacy WAF.
We do use it, but the UI can be improved as we mostly work through the CI/CD. It provides support, but sometimes it is hard to navigate unless you are very familiar with it.
Fastly don't support caching for China users. That's the only feature lacking compared to Akamai.
The areas that could be improved in Signal Sciences include the effectiveness of rules, as many didn't function optimally and required custom rule-writing to address bypasses for WAF. Additionally, the agent-based approach presents challenges with managing agents across versions and dependencies on specific application platforms like Apache or NGINX, leading to compatibility issues and complexity in integration. This agent-based system proved particularly difficult to manage.
There are some lags in Signal Sciences for the web application firewalls. Even if we create some custom rules, Signal Sciences cannot capture some of the malicious traffic. There is a little bit of complexity with custom rules that should be removed. Signal Sciences should add a feature called rate limiting with multiple options, wherein I can create a rate limiting based on the cookie request or the IP.