Skill

fastly-ngwaf

Audits Fastly Next-Gen WAF (NGWAF) workspaces to verify critical templated rules for login protection (LOGINDISCOVERY, LOGINATTEMPT, etc.), credit card validation (CC-VAL-...), and gift card validation are configured and enabled. Use for security posture audits.

Bash

security

npx claudepluginhub fastly/fastly-agent-toolkit --plugin fastly-agent-toolkit

Tool Access

This skill uses the workspace's default tool permissions.

Preview

This skill is designed to be triggered when performing an internal audit of Fastly Next-Gen WAF (NGWAF) workspaces. It is particularly useful for security teams, DevOps engineers, or anyone responsible for managing NGWAF configurations who wants to ensure that critical templated protection rules are properly configured and enabled. The fastly-cli skill should be used to configure rules while th...

Supporting Assets

scripts/assess_ngwaf_rules.sh

SKILL.md

Similar Skills

implementing-cloud-waf-rules

Deploys and tunes WAF rules on AWS WAF, Azure WAF, and Cloudflare to protect cloud apps against OWASP Top 10, with managed/custom rules, rate limiting, bot management, and false positive reduction via logging. Use for API security, brute force defense, and compliance.

asi

waf-rule-creator

2.0k

Generates WAF rules, configurations, and validation for web application firewalls. Useful for security tasks like rule creation, best practices, and threat modeling.

5 tools

jeremylongshore-claude-code-plugins-plus-skills

implementing-cloud-waf-rules

5.9k

Deploys and tunes WAF rules on AWS, Azure, and Cloudflare to protect cloud apps from OWASP Top 10 attacks using managed/custom rules, rate limiting, bot management, and false positive reduction via logging.

3 files

cybersecurity-skills

Stats

Stars21

Forks3

Last CommitApr 2, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Fastly Next-Gen WAF Internal Audit

This skill audits Fastly NGWAF workspaces to understand the status of critical templated rules related to:

Login Protection: LOGINDISCOVERY, LOGINATTEMPT, LOGINSUCCESS, and LOGINFAILURE.

Credit Card Validation: CC-VAL-ATTEMPT, CC-VAL-FAILURE, and CC-VAL-SUCCESS.

Gift Card Validation: GC-VAL-ATTEMPT, GC-VAL-FAILURE, and GC-VAL-SUCCESS.

Workflow

Retrieve Workspaces: Fetches all NGWAF workspaces associated with the account.

Inspect Rules: For each workspace, it retrieves the list of configured rules.

Validate Critical Rules: Specifically checks for the presence and enablement of the templated rules listed above.

Recommend Actions: If any of these rules are missing or disabled, it recommends configuring and enabling them to strengthen security posture against Account Takeover (ATO) and carding attacks.

Usage

Assume that the user has correctly configured their FASTLY_API_KEY environment variable. Run the assessment script provided in the skill:

# Execute the assessment script ./scripts/assess_ngwaf_rules.sh

API References

Trigger and scope

Fastly Next-Gen WAF Internal Audit

This skill audits Fastly NGWAF workspaces to understand the status of critical templated rules related to:

Login Protection: LOGINDISCOVERY, LOGINATTEMPT, LOGINSUCCESS, and LOGINFAILURE.
Credit Card Validation: CC-VAL-ATTEMPT, CC-VAL-FAILURE, and CC-VAL-SUCCESS.
Gift Card Validation: GC-VAL-ATTEMPT, GC-VAL-FAILURE, and GC-VAL-SUCCESS.

Workflow

Retrieve Workspaces: Fetches all NGWAF workspaces associated with the account.
Inspect Rules: For each workspace, it retrieves the list of configured rules.
Validate Critical Rules: Specifically checks for the presence and enablement of the templated rules listed above.
Recommend Actions: If any of these rules are missing or disabled, it recommends configuring and enabling them to strengthen security posture against Account Takeover (ATO) and carding attacks.

Usage

Assume that the user has correctly configured their FASTLY_API_KEY environment variable. Run the assessment script provided in the skill:

# Execute the assessment script
./scripts/assess_ngwaf_rules.sh