Fastly, Inc. (FSLY) Business

Item 1.         Business

Overview

Organizations around the world are more dependent on the quality of digital experiences they provide than ever before. As the internet approaches an inflection point where automated, artificial intelligence (“AI”)-driven traffic increases demands on infrastructure, Fastly is the essential platform to deliver resilient, highly performant, always-on software and services at global scale.

The edge cloud is a category of Infrastructure as a Service (“IaaS”) that enables software engineers to build, secure, and deliver digital experiences at the edge of the Internet. Our platform represents the convergence of the Content Delivery Network (“CDN”) with functionality that has traditionally been delivered by hardware-centric appliances such as Application Delivery Controllers (“ADC”), Web Application Firewalls (“WAF”), API Management, Bot Detection, Distributed Denial of Service (“DDoS”), Web Application and API Protection (“WAAP”), and infrastructure protection.

Processing at the edge is an ideal way to handle highly dynamic and time-sensitive data, especially when performance matters. Organizations of all sizes, including Fortune 500 companies that run 24/7 operations, leverage our edge cloud platform for a diverse range of critical functions that benefit from processing at the edge, including enhancing user experience, scaling agentic AI workloads, and powering core commerce capabilities to drive conversion and customer success. The edge cloud complements data center, central cloud, and hybrid solutions, and is critical for responsive, safe, and secure AI-centric experiences.

Fastly focuses holistically on the edge cloud from developer creation to end-user experience, with our global footprint and integrated security core to our platform. Our platform is poised to capitalize on the rise of agentic AI, where autonomous agent consumption is driving the bulk of internet traffic. Fastly is uniquely positioned – and has laid the groundwork – to lead the intelligence fabric that helps enterprises adapt to this shift. We are capturing this opportunity by supporting edge workloads and AI traffic management, allowing organizations to optimize AI-driven services alongside human interactions. We play a unique role in helping enterprises optimize and accelerate interactions with authorized AI agents and blocking abuse, powering their differentiation and AI-fueled innovation.

Organizations must keep up with a complex and ever-evolving landscape. We’ve built a powerful unified edge platform designed from the ground up to be programmable and support agile software development, and we continuously drive innovation to meet the ever changing needs of our customers. We believe that our platform gives our customers a significant competitive advantage – whether they were born into the AI-centric digital age or are just embarking on their transformation journey.

7

Products & Services

Fastly Platform

Fastly’s platform has evolved over the years to meet changing technology demands and the needs of a growing customer base. Built on the core principles of performance, resilience, and programmability, it was originally designed to accelerate applications and services at global scale. Over time, the platform expanded to also encompass edge computing, cloud-native architectures, unified application security, and emerging AI workloads.

Today, Fastly’s platform is designed to address the requirements of the always-on digital economy by providing essential infrastructure and application solutions for customers across a broad range of industries. We serve organizations across ecommerce, streaming media, gaming, digital publishing, and high tech to financial services and more. Our platform supports diverse use cases, from edge distribution and delivery, to cloud-native applications, serverless development, web application and API protection, and edge computing.

A Modern Platform

We have taken advantage of modern network design to build a platform optimized for performance, resilience and scale. Our platform is built to accelerate a wide range of content, including dynamic content, allowing customers to deliver faster, more personalized web and mobile experiences. It is also designed to scale rapidly and intelligently, while being resilient, to reliably support peak traffic events like live streaming events, flash sales, and major gaming releases.

Cloud-Native

As cloud-native solutions have become more mainstream for building and running applications, we are also well suited to support these environments. We offer an API-driven, developer-friendly platform that integrates smoothly with modern stacks, continuous integration/continuous deployment pipelines and cloud infrastructures. Our platform acts as an intelligent edge layer in front of customers’ single or multi-cloud environments. By accelerating, protecting, and optimizing API traffic, intelligently routing requests, and reducing load on origin servers, we improve application performance, security, and reliability. These benefits extend beyond enhancing centralized cloud applications to also supporting larger deployments in virtual private clouds and globally distributed, edge-native applications.

Edge Computing

As application architectures have evolved, with latency-sensitive functionality moving closer to end users, we have expanded our platform to support programmable edge computing. Built on WebAssembly (“WASM”) to support microsecond code execution times, our compute environment enables customers to run layers of intelligent logic, including AI, in front of their applications and services, all while maintaining performance. This allows customers to optimize their workflows for higher conversion rates, increased revenue generation, and faster developer innovation. With built-in isolation technology, the platform is also secure by design, enabling customers to run business-critical workloads while minimizing the potential for vulnerabilities or unauthorized access. Some common edge compute use cases include fast, scalable personalization; security and authentication enforcement; and on-the-fly image or video optimization. Being part of core application workflows, these compute use cases can drive even deeper usage of Fastly’s platform.

Unified Application Security

In response to growing customer demand for consolidated application security, we offer a suite of security solutions to minimize the impact of attacks on and abuse against applications, APIs, and software services. By design, our powerful platform is ideally suited to adapt to and sustain resilience against massive traffic swells, whether network-layer DDoS attacks or global-scale real-time media events. Our AI-driven Adaptive Threat Engine enables real-time detection and mitigation of evolving attacks through traffic pattern analysis across our network, which we also apply to our customers’ individual services through our DDoS Protection product. We layer software products on top of our resilient platform, empowering customers with tailorable protection that lets them block, deceive, redirect, and otherwise manage attack, abuse, and other unwanted traffic. Our integrated web application firewall and bot management capabilities leverage our platform’s evidence-based, context-aware detection capabilities so customers can proactively address unwanted activity. Our platform provides real-time visibility into security events, attack traffic, and rule performance, enabling faster identification and remediation of potential risks to minimize the business impact of security incidents. Our built-in deception and mitigation techniques allow customers to detect and block attack attempts while obfuscating successful defense from attackers, slowing down attackers’ ability to evolve their operations.

8

AI-Ready

As AI becomes an essential part of modern applications, we are pursuing a dual opportunity: enabling AI workloads for our customers and leveraging AI to enhance our platform’s usability and capabilities. Our platform offers semantic caching and edge data stores to speed up AI workloads, while support for real-time messaging and pre-processing of visual data for AI models reduces latency and improves efficiency for AI applications. Fastly’s platform also includes capabilities for managing agentic AI and AI bot traffic, and controlling services through natural language interfaces.

Platform Differentiators

The evolution of Fastly’s platform is powered by a set of core differentiators. These differentiators have allowed us to rapidly adapt to changing market needs.

Robust architecture: Our network is comprised of robust, high-density POPs (points of presence) designed to minimize footprint and colocation costs while delivering content closer to end users. Strategically located near major cloud providers and peered with Internet exchanges worldwide, our POPs are designed to achieve optimal performance with fewer nodes than traditional architectures.

Software-controlled: We built a smarter network using fast switches and server-layer routing intelligence, allowing us to deliver real-time responses by optimally routing customer traffic. Our network also supports origin health checks for CDN and Compute services, which are designed to monitor and direct traffic away from unhealthy backends to maintain service reliability.

Resilient by design: Our network is designed to withstand common performance degradation and connectivity issues with internet transit providers. Fast Path Failover provides automatic detection and rerouting of underperforming edge connections at the transport layer. Precision Path monitors origin connections and reroutes traffic in real time to the best available path. Autopilot, our automated egress traffic engineering solution, allows us to reliably manage high-traffic events without manual intervention. When it comes to protecting against DDoS attacks, our Adaptive Threat Engine is designed to enhance platform resilience by automatically detecting and mitigating attacks in real time, using advanced behavior modeling and traffic analysis to stop threats even when attackers rotate IPs.

Fully programmable: We have built a fully programmable platform that gives customers comprehensive control over how their content is cached and how it responds to end-user requests. Using our flexible APIs, customers can make configuration changes themselves, rather than relying on professional services. This results in faster end-user experiences and cost savings for our customers, while unlocking developer innovation.

Granular visibility: Customers need continuous insight into the status of their apps and services. Across our product lines, we provide real-time logging, rich metrics, alerts and dashboards enabling faster, data-driven decision making. Software engineers can monitor performance, detect anomalies, and troubleshoot issues faster using these tools, maximizing availability and performance for their apps and services. Fastly’s granular visibility enables customers to iterate quickly on new releases, bringing innovations to market faster so they can stay ahead of competitors.

DevOps-friendly: We make it easy for customers to integrate Fastly into their DevOps workflows through rich APIs and support for platforms like Terraform, Amazon S3, and Google Cloud Storage. Combined with our configurability and visibility, these integrations enable developers to include Fastly in their continuous integration and deployment processes, accelerating and optimizing software and feature releases to enable their business goals.

Powerful Compute environment: Our platform provides a serverless compute environment that enables developers to run business-critical workloads at the edge with high performance, resilience, and minimal maintenance. Using WASM, code compiles to native machine code and executes in secure, isolated sandboxes across all our edge service delivery points. Our compute environment enables enterprises to deliver low-latency, reliable, and secure workloads and applications that serve business-critical use cases spanning new revenue opportunities, differentiation, and AI innovation.

9

Network Services

Fastly is an extension of our customers’ infrastructure. Our Network Services are designed to speed up and optimize the delivery of web and application traffic while ensuring developers and engineers do not lose visibility or control. Whether customers are looking to deliver engaging web and streaming experiences to their users, move apps to the cloud, or scale their DevOps practices, our Network Services provide the speed, security, and flexibility customers need.

Content Delivery Network

•Dynamic Site Acceleration. Speeds up requests and responses between cache nodes in our Points of Presence (“POPs”) and customers’ origin servers to serve their dynamic web and mobile content faster.

•Origin Shield. Allows us to designate a specific POP to serve as a shield for a customer’s origin servers. When web content is refreshed and multiple end users request the new content simultaneously, a deluge of requests can hit a customer’s origin server. This can result in poor web or application performance. With Origin Shield, we collapse all these content requests into a single request and hold it in queue at the Origin Shield POP. That allows us to retrieve the new content from the customer’s origin server only once, and then serve it to all end users who requested it. This approach reduces costs for our customers, while improving performance for their end users.

•Instant Purge. Allows customers to clear the cached copy of their content globally in milliseconds, not seconds. We allow customers to send a command to our platform that invalidates an old version of their content throughout our global edge infrastructure. This causes a new version of content to be retrieved from the application server the next time it is requested. This feature enables our customers to serve highly dynamic content at the edge faster, facilitating delightful application experiences. Rapidly changing content like shopping cart items, flight search results, sports scores, or current weather conditions in any given location can all be served faster from the network edge.

•Surrogate Keys. Allows customers to fine-tune purging by tagging related objects across their site with a key name and description, then purging by that key. Customers can purge their entire site of a given object or set of objects all at once, without impacting performance. For example, customers could purge any images and content related to discontinued sale items, discounted products, or outdated news across their site all at once.

•Programmatic Control. Provides direct programmatic control of edge delivery services to our customers, allowing them to precisely control what content is cached, for how long and when it should be refreshed. Combined with comprehensive APIs, this allows our customers to build, test and deploy custom logic, using their own development, test and deployment environment, for even the most complex digital experiences.

•Content Compression. Compresses content with technologies like Gzip and Brotli, providing direct performance improvements and a more responsive web experience for end users.

•Reliability Features. Support the availability of customer content with features including origin health checks, a ‘grace mode’ feature that will continue serving content even when customer origin(s) fail, Multipath TCP, and real time error dashboards and API feeds that are backed by a 100% uptime Service Level Agreement (“SLA”).

•Fanout. Enables customers to push data in real time to many users, such as synchronous communication of messages in a chatroom, server updates to Internet of Things (“IoT”) devices and other types of data between devices. Real-time messaging is used in a wide range of data streaming applications, including IoT, live commenting, end-user notifications, chat and more.

•Domainr. Provides customers with a real-time and programmatic means for checking domain availability. A programmatic solution for verifying trust for domains is especially useful for platform customers. Using Domainr's APIs, customers can embed these functions directly into their workflows.

10

•Modern Protocols and Performance. Helps our customers, and the Internet in general, receive the best possible performance regardless of user device, connectivity or location though supporting the development of next generation web technologies and protocols such as HTTP/3, QUIC, client hints and HTTP prioritization.

•Staging Environment. Allows customers to test changes to their CDN or Compute service configurations in a staging environment before deploying them to the production network. This helps identify and resolve potential issues earlier in the development process. Staging features are automatically enabled for use in the Fastly API, command line interface, and via Terraform.

Video / Streaming

•Live Streaming. Delivers millions of concurrent high-quality live streams. It can deliver online content using major HTTP streaming formats while providing real-time feedback to optimize viewer experiences. In addition, we partner with multiple video platform vendors to improve the flexibility and scale of live-streaming workflows and reduce the total cost of ownership for customers.

•Video on Demand. Reduces the load on origin servers and accelerates time-to-first-frame by caching and rapidly delivering Video on Demand content. Our on-the-fly-packaging feature optimizes streaming media on demand and facilitates immediate playback, thus enhancing viewer experiences across regions, devices, and platforms.

•Media Shield. Large streaming customers typically use multiple CDNs for media delivery for redundancy and protection. Our Media Shield product supports these efforts and can reduce the total cost of ownership while also regaining lost visibility and improving performance. By collapsing multiple origin requests for identical content across several CDNs, content can be streamed faster, more efficiently, and with a significantly smaller infrastructure burden.

•Cache Reservation. Allows large streaming customers to reserve cache space at Fastly’s edge for high traffic events. By prioritizing a customer’s content cache storage, Cache Reservation allows that content to stay in cache for longer, minimizing content eviction in multi-tenant environments. It also helps reduce cloud egress costs by optimizing origin offload from any CDN, including Fastly.

•Live Event Monitoring. With real-time monitoring, streaming delivery, request collapsing, capacity planning, and flexible deployment, Fastly Live Event Monitoring gives customers insights into their live streaming performance and the ability to troubleshoot immediately, all while reducing costs.

Object Storage

•Object Storage. Fastly Object Storage is an Amazon S3-compatible large object storage solution that works seamlessly with both our CDN and Compute services. Customers can store large file sizes, improving latency, increasing cache hit ratios, and reducing egress charges. Objects stored in Object Storage are accessible via an S3-compatible interface. Our on-demand migration feature enables customers to only migrate their required working set of data, reducing egress charges from their source provider.

Load Balancing

•Load Balancer. Manages HTTP/HTTPS requests to a customer’s origin using granular content-aware routing decisions. We allow customers to manage traffic across multiple IaaS providers, data centers, and hybrid clouds. We also provide improved performance and cost savings over ADCs, especially during a spike or surge in traffic.

Image Optimization

•Image Optimizer. We offer a real-time image manipulation and delivery service and store transformations at the edge. When an image is requested, we resize it, adjust quality, crop/trim, change orientations, convert

11

formats, and more, all on demand. Transforming images at the edge eliminates latency and reduces traffic to origin servers, allowing customers to save on infrastructure and egress costs.

Origin Connect

•Origin Connect. Ideal for companies moving more than one gigabyte of data per second, such as media, video, and streaming companies, Origin Connect provides a direct private network connection between an organization’s origin server and an Origin Shield POP. This is an effective way to lower transit costs, reduce engineering complexity, and improve reliability for high-volume streaming content.

Security

Customers across multiple industries rely on Fastly to help rapidly secure their business-critical websites, apps, and APIs. Our modern approach to application security provides the accuracy, flexibility, and ease-of-use that our customers value and expect. Fastly provides a suite of security solutions focused on protecting websites, apps, and APIs from unwanted activity, including DDoS attacks, application layer attacks, and abusive behavior from automated software such as AI crawlers. This solution suite is designed to be real-time, scalable, and customizable, offering customers the ability to tailor and adapt their security to their unique and evolving business needs.

Next-Gen WAF. Our next-generation Web Application Firewall protects applications from malicious attacks that seek to compromise apps and APIs. Our context-aware solution requires no tuning, reducing our customers’ time to deploy software changes, and is more accurate than the traditional rule or signature-based approaches. Our WAF can be installed in any infrastructure: cloud, virtual private cloud, container, on-premise data center or hybrid environments or at the edge. Key features include:

•Bot Management. Bad bots can perform content scraping, tie up system resources, perform account brute forcing and other harmful actions. Our solution (available as part of our Next-Gen WAF) monitors web application and API traffic for automated bot activity, allowing customers to automatically block malicious bot-generated web requests, while providing access for wanted or verified bots. Additional advanced bot management features are available in our separate Bot Management product, described below.

•API Protection. Attackers often target sensitive APIs with malicious activity like attempting to validate stolen credit cards, perform ecommerce gift card fraud or obtain patient healthcare records. We help customers stop API abuse by enabling them to monitor for unexpected values and parameters submitted to API endpoints, and block unauthorized requests.

•Account Takeover Protection. Account takeover occurs when attackers use authentication credentials to take over legitimate user accounts. Attackers test stolen credentials in an automated manner called “credential stuffing.” Our Account Takeover Protection empowers customers to automatically block and alert on credential stuffing attacks.

•Deception. Our advanced deception feature blocks malicious login attempts while also misleading attackers with fake “invalid username/password” responses. Attackers are left frustrated, thinking their credentials are bad and retrying them without realizing they have been detected. This feature is currently available for our Next-Gen WAF, and our goal is to embed deception into both new and existing security products to create end-to-end attacker tracing across customer’s production environments.

•Advanced Rate Limiting. Advanced Rate Limiting enables customers to stop malicious and anomalous high volume web requests and reduce resource consumption while allowing legitimate traffic through to application and API endpoints—doing so means companies can provide a superior customer experience that scales to meet increasing demand.

Bot Management. Fastly Bot Management is an add-on service that provides customers with visibility into bot traffic, allowing them to differentiate between good and bad bots. They can then enforce rulesets and policies in the Fastly Next-Gen WAF control panel. Key features include AI Bot Management for controlling AI bot access, advanced client-side detection of sophisticated automated attacks, and support for dynamic challenges with Private Access Tokens (“PATs”), which allows for verification of legitimate users without relying on CAPTCHAs. Rather than

12

blocking all bots, our approach supports customers’ business goals by giving them granular control to block malicious bots while allowing legitimate automated traffic, such as search engine crawlers or monitoring tools, to access their services.

API Security. Fastly has a set of capabilities designed to help customers better protect their APIs. API Discovery automatically and continuously finds, collects and organizes customer API traffic across their Fastly services into one manageable interface. API Inventory allows customers to save and customize an accurate, detailed, and continuously-updated API inventory from the latest traffic surfaced in API Discovery. Being able to review and set aside APIs that are behaving as expected allows customers to more easily identify APIs which need security attention.

Client-Side Protection. Fastly Client-Side Protection helps our customers meet PCI-DSS compliance requirements. It provides real-time monitoring and protection against unauthorized modifications to client-side scripts and response headers, helping businesses secure sensitive customer data and maintain compliance.

Fastly DDoS Protection. Fastly’s DDoS Protection provides enhanced application-layer defense against DDoS attacks without requiring any upfront tuning. When unexpected volumetric events occur, our proprietary Adaptive Threat Engine leverages advanced, automated pattern analysis—including machine-learning–style behavior modeling—to determine legitimacy. If an attack is detected, it analyzes a comprehensive set of traffic characteristics to identify the attacker and quickly mitigate their attacks, even if IPs are rotated. Fastly DDoS Protection also features a zero-attack-fee billing model, ensuring customers are never charged for attack traffic.

TLS Encryption

•Transport Layer Security (“TLS”). As part of our standard product, our platform terminates HTTPS connections at our network edge, offloading encrypted traffic from our customers’ web servers for better performance. Predefined roles allow customers to more precisely manage TLS access without having to grant unnecessarily broad permissions. We also provide a number of different certificate procurement and hosting options.

•Platform TLS. Our Platform TLS offering is designed to allow customers with multiple web properties to manage TLS certificates at scale, while enabling a fast, secure experience for their end users. It supports delivery and management of hundreds of thousands of certificates, supported by our worldwide TLS termination and acceleration solution.

•Certainly. Certainly is our own publicly-trusted TLS Certification Authority. Fastly customers can use a certificate issued by Certainly to secure any website or API endpoint served by our CDN.

Privacy. Fastly offers several privacy enablement capabilities. Our OHTTP Relay solution provides fast, reliable separation and isolation of end user data, while passing along non-identifying requests to the business server. Fastly’s OHTTP Relay is designed to enhance online privacy for users of several of the largest internet vendors. Fastly has worked with others to develop and standardize the technology behind PATs. As an alternative to CAPTCHAs, PATs provide better user privacy by helping ensure there is no leakage of non-essential data.

Compliance. Our caching and delivery services are designed and measured against key audit and regulatory standards to help customers manage their compliance, including the Health Insurance Portability and Accountability Act (“HIPAA”), the European Union's General Data Protection Regulation (“EU GDPR”), the United Kingdom’s GDPR (“U.K. GDPR”), and industry standards like the PCI Data Security Standard and SSAE-18. Fastly is also certified to the ISO/IEC 27001:2022 standard for its Information Security Management System, and our Next-Gen WAF is FIPS 140-3 compliant for organizations that process sensitive government information or operate in regulated sectors.

Compute

Fastly Compute enables developers to build edge-native applications, APIs, authentication layers, and mission-critical edge functions on our programmable edge platform. These workloads run without requiring developers to manage the underlying infrastructure. Like all our offerings, Compute is built to be secure, performant and scalable.

13

Compute supports a multitude of use cases, including:

•Enhancing Search Engine Optimization ranking by managing redirects and content rewrites at the edge to improve site performance and gain real-time visibility;

•Building high-volume data pipelines for telemetry, user monitoring, IoT sensor arrays, and more;

•Lowering infrastructure costs while delivering faster personalized experiences by handling user authentication and token management for application APIs at the edge; and

•Enabling low latency ad personalization by allowing our customers to serve ads quickly from the edge based on user data.

Key features of Compute include:

•Serverless execution environment. Compute offers a fast, secure serverless code execution engine. It allows customers to deploy code across Fastly’s global edge cloud platform, and execute the code close to the user for low latency. Compute also leverages the power of Fastly’s global platform via a set of powerful developer APIs for fine grained programmatic control (e.g. Cache API’s).

•Language support. Compute works with any WASM-supported languages, including JavaScript, C++, Rust, Go, and a growing list of additional languages. Customers also have the ability to create their own language Software Development Kits. Support for languages that developers already know and want to code in is key for adoption and we will continue to add more over time.

•Storage and Data. Compute has a number of features that makes it easier and faster to access data at the edge instead of having to go back to the central cloud. This helps developers innovate faster and unlocks more latency-sensitive use cases at the edge.

◦Key Value (“KV”) Store. KV Store offers global, durable storage for compute functions at the edge. With fast reads and writes from both the edge or via API, customers can store, control, or cache their data to reduce origin dependency and unlock new use cases.

◦Config Store. Developers want to iterate fast when developing applications. Config Store supports this by allowing them to store multiple common code configurations at the edge, which they can then deploy instantly, instead of having to push new code for every single configuration change.

◦Secret Store. Secret Store is a secure and performant storage system for Compute customers' most sensitive data like API keys, passwords, certificates, and other credentials. It leverages the Hashicorp vault to centrally store, access, and manage secrets across Fastly's cloud infrastructure.

◦Object Storage. Fastly Object Storage is an Amazon S3-compatible large object storage solution that works seamlessly with Fastly’s Compute and CDN services.

•Developer Experience. Our products are designed to empower developers, from their first interaction with Fastly to serving billions of requests daily. Our award-winning Developer Experience team guides developers with training materials, events and tooling aimed at building a deeper understanding of our products. We maintain code samples, published to Fastly’s Developer Hub, and build testing tools like Fastly Fiddle, in order to accelerate customer testing and adoption. Many customers integrate our products directly into their DevOps tools and internal developer platforms. Beyond traditional debugging, we also facilitate advanced diagnostics on our platform through rapid global deploy times, live logs and additional observability tools.

•Fast Forward and Open Source Ecosystem. Our Fast Forward program is designed to empower and support developers, open source projects, and nonprofits that share our vision of an internet that is free, open, and safe for all. Any eligible open source project or nonprofit can apply to receive free Fastly products, including our CDN, security, compute, and observability products. From empowering millions of developers with open source tools, to providing consumers with accessible information, education, and relief services, Fast Forward members leverage Fastly to deliver impact at global scale.

14

◦Language ecosystems. Rust Foundation, Python Software Foundation, Ruby Central, Perl (MetaCPAN), OpenJS Foundation.

◦Open Source governance organizations. Linux Foundation, Apache Foundation, Drupal Association.

◦Open Source projects. Linux kernel, cURL project, Kubernetes, OpenStreetMap.

◦Nonprofit organizations. Khan Academy, Scratch, Watchduty, ArXiv, EFF, Kiva, MercyCorps, Reporters sans Frontières.

Observability

For customers, the ability to continuously monitor the status of their websites, products, and services is essential. Across all our Network Services, Compute and Security product lines, we provide customers with real-time insights for better decision making. Software engineers can quickly identify potential issues, investigate anomalies, improve performance, and uptime and iterate faster on new releases.

•Real-time Logging. To help tune the performance of Fastly services, we support real-time log streaming of customer data that passes through Fastly. We support a number of protocols that allow our customers to stream logs to a variety of locations, including third-party services, for storage and analysis.

•Logging Insights. Fastly Logging Insights is a professional services package that provides actionable intelligence that can be used to diagnose and troubleshoot issues for optimal performance and user experience. Our expert consultants implement a guided customization of preconfigured dashboards tailored to a customer’s specific goals.

•Regional Log Aggregation. Beta release that allows customers to control where their Fastly log data is processed and delivered, helping support stringent data residency requirements while also enhancing log data security. We currently support log processing within the EU and the US.

•Metrics. We offer customers a variety of ways to report on the performance and activity of their services. Our metrics, APIs and dashboards provide real-time, per-second visibility and historical reporting.

•Edge Observer. Provides per-second visibility and historical reporting on the performance and activity of multiple Fastly services in a single pane of glass. Metrics and logs along with every part of the request path are available for consumption in real-time without adding latency.

•Alerts. Provides in-platform alerts for Fastly services, origins, domains, and compute apps. Alerts are driven by real-time metrics and are fully customizable. They can be shared through Slack, email, or integrations with existing escalation workflow tools, for faster detection and response times.

•Sustainability dashboard. Offers self-service access, an API, and downloadable data to track electricity consumption and electricity-related greenhouse gas emissions resulting from customer usage of the Fastly platform, based on our published carbon calculation methodology.

We also offer a number of add-on Observability services which support our Network Services and Compute product lines:

•Log Explorer & Insights. This feature allows customers to store, inspect and monitor their log data directly on our platform, eliminating the need for third-party tools to view and analyze logs. Using the Insights dashboard, customers get a variety of views of their logging data so they can visualize and identify trends. Log Explorer facilitates troubleshooting by allowing customers to view, filter, and analyze logs using the Fastly control panel and API.

•Origin Inspector. Customers can simplify their data pipeline and easily monitor every origin response, byte, status code, and more without needing a third party data collector. They can report on egress data within the

15

Fastly web interface with interactive dashboards. Customers can also verify the success of their Fastly services, especially with shielding or multi-CDN environments.

•Domain Inspector. Customers can easily monitor traffic for a single fully qualified domain name or multiple domains within a Fastly service. They can account for every domain request, byte, and status code or quickly determine edge or origin issues with our combined edge and aggregated origin metrics, all without needing to send log data to a third-party data collector.

The following add-on Observability tools are designed to support our Compute product line, empowering developers to monitor and program in real-time:

•Log Tailing. We give customers visibility into log messages from their applications so they can quickly identify bugs, all within their terminal of choice with Fastly Command Line Interface. This helps avoid difficult third-party log management and debugging challenges.

•Tracing. For customers building apps with Compute, we tag individual end-user requests with unique identifiers and maintain request tracing parameters by tracking when users enter and exit our serverless platform. This feature allows developers to more easily track the performance of application functions post-deployment.

AI Capabilities

AI is becoming an increasingly important part of modern application development. We have extended our powerful, programmable platform to include new products and feature enhancements that help customers accelerate, protect, and optimize their AI-driven workloads.

AI Bot Management. Fastly AI Bot Management is a feature within our Bot Management offering. It provides visibility and control over automated traffic by using behavioral analysis and threat intelligence to identify and classify AI bots. Customers can gain insight into how AI bots access and scrape their content, enabling them to evaluate whether this activity aligns with their business goals—such as generative engine optimization—or constitutes unauthorized use. They can then take targeted actions, including blocking, rate-limiting, or allowing this AI bot traffic. AI Bot Management is also integrated with Tollbit and other monetization vendors, to monetize AI bot scraping of customer content. The Tollbit integration allows customers to redirect AI bots to a paywall for token verification. AI bots with valid tokens are granted access to content, while AI bots without valid tokens are required to pay for access.

Edge Data Storage. Fastly Key-Value Store and Object Storage are edge data storage solutions which can help optimize AI workloads. Key-Value Store supports semantic caching of large language model (“LLM”) responses, allowing applications to instantly serve relevant results while reducing calls to expensive, high-latency model APIs. Object Storage supports AI workloads by providing a cost-effective way to store and serve large datasets for LLM training, enabling organizations to scale AI model training while reducing storage costs.

Fanout. Fastly Fanout simplifies the delivery of real-time workloads by managing complex, persistent client-server communications at the edge. It supports a broad range of use cases by enabling AI agents to autonomously connect fragmented steps into automated workflows. Its flexible architecture provides a framework for enabling pub/sub, IoT and other real-time communication options for agentic handoffs.

Image Optimizer. Fastly Image Optimizer integrates into AI workflows as an intelligent preprocessing layer that refines images before they are processed by AI models. Using our smart crop feature, it preserves and optimizes the most relevant regions of an image, reducing unnecessary data sent into the AI pipeline. This helps improve model performance, lower compute and egress costs, and reduce workload latency.

Fastly also provides AI solutions designed to simplify the management of our services.

Model Content Protocol (“MCP”) Server. Fastly MCP Server is an open-source tool that enables AI assistants—including Claude, Claude Code, Gemini, OpenAI, Cursor, and others—to interact with and manage Fastly services using natural language. Customers can perform tasks like purging caches, viewing traffic patterns, or updating configurations, through simple conversational commands. MCP Server also streamlines security workflows, making it

16

easier to automate and manage CDN services, Compute applications, and security settings. Beyond basic operations, it supports advanced advisory interactions, such as analyzing service configurations, suggesting optimizations, or reviewing WAF rules.

AI Assistant. Fastly AI Assistant is an in-console AI helper released in beta that provides users with contextual, real-time answers about Fastly’s products and services. By surfacing relevant information with citation links directly within the control panel, AI Assistant improves the user experience and helps customers explore and configure Fastly more efficiently. This helps to simplify onboarding and configuration for both new and existing users.

Services

Professional Services. Fastly offers the following professional services:

•Network Services. Distributed systems can be complex, but regardless of a customer’s skill level, Fastly technical experts are available to guide and optimize the customer's cloud strategy. We offer various levels of engagements, from a light helping hand, to acting as an extension of developer teams, with global support and flexible professional services hours.

•Response Security. This service offers rapid, expert intervention when customers need it the most. With an industry-leading SLA, our Customer Security Operations Center (CSOC) helps mitigate application and API attacks 24/7/365, to minimize impact and facilitate quick recovery.

•Managed Security Professional. This service offers proactive protection for customers' most critical apps and APIs. It includes expert 24/7/365 monitoring and mitigation from Fastly’s CSOC across all Fastly security products, quarterly reporting, and an industry-leading SLA.

•Managed Security Enterprise. This service offers comprehensive, white-glove defense for customers’ applications and APIs. It includes expert 24/7/365 proactive monitoring and mitigation by Fastly’s CSOC across all Fastly security products, multiple industry-leading SLAs, proactive threat hunting, monthly reporting, and strategic analysis.

Managed CDN. Fastly’s Managed CDN provides maximum control and flexibility. We deploy our edge cloud network on dedicated POPs within a customer’s private network at locations of their choosing. Our service can be used exclusively, or as part of a hybrid, multi-CDN strategy.

Support Plans. Fastly offers three levels of support plans and available technical support add-ons with dedicated technical specialists and account managers that provide extended security expertise.

•Standard. The Standard support plan gives every Fastly customer immediate access to our Community Forum and extensive documentation. Customer support is available via email during business hours.

•Gold. The Gold support plan offers enhanced product support, priority routing for support cases, and expedited 24/7 incident response times.

•Enterprise. Enterprise level support equips customers with 24/7 online support for incidents and general inquiries, 15-minute escalation response times, phone support, access to a private Slack channel, and a team of technical experts to help optimize a customer’s Fastly service, including compliance support.

Our Growth Strategy

Our growth strategy focuses on making our edge cloud platform accessible to a broader base of customers through enhancing our product experience, investments in technology and infrastructure, attracting new business, growing partnerships, and vertical expansion. Key elements of our growth strategy include the following:

•Product strategy. Built upon a strategy of durable innovation, our programmable edge cloud platform creates a consistent and predictable pipeline of innovation. We plan to expand existing product lines like Network Services and Security, and expect to further incubate newer products for future growth.

17

With the goal of making it easier for customers to do business with us, we continue to build out a single, unified platform where they can access and manage all their Fastly services in one place. Our security products - DDoS Protection, Next-Gen WAF, Bot Management, Client-side Protection, and API Security - are available on one platform, and easily accessible through the Fastly Control Panel. We have also taken steps to further simplify customer onboarding and service usage, through easy access to self-training information from within the Fastly app, and more code samples and support.

•Expansion into additional vertical markets. Our platform offers a broad range of capabilities. Our differentiated high performance and low-latency delivery network and edge compute platform, as well as enhanced security capabilities, allows us to serve the needs of our existing customers and continue to add customers from a diverse set of industries.

•Expand existing customer relationships. Over time, our customers have expanded their use of our platform. In more technically savvy organizations, software engineering leaders have championed our solution, paving the way for us to engage with business decision makers. For more traditional organizations, we are often brought in to initially help facilitate a move to the cloud and from there we extend our product to support many other use cases. We plan to continually increase wallet-share over time for existing customers as we build out new products and features, and as customers continue to fully recognize the value of our platform.

•Grow our technical partner ecosystem. We operate between and complement the “big 3” origin cloud platforms, Amazon Web Services (“AWS”), Microsoft (Azure), and Google Cloud Platform, and a growing community of companies that provide big data, AI, and security solutions. In this sense, we act as the unifying layer for a growing number of cloud services. As customers consume more cloud and software as a service (“SaaS”) offerings, we can create additional value and grow with these partners.

•Attract new customers. With new product innovations, additional vertical focus areas, growing partners, and an optimized go-to-market engine, we plan to attract new business and continue to grow. In addition, we can help new customers accelerate, protect, and optimize their AI-driven workloads, AI-generated software, and traditional applications that increasingly experience agentic interactions.

•International expansion. As our customer base grows, we plan to scale our network to bring edge computing closer to where our customers are. We believe significant opportunities exist for international growth.

Partner Ecosystem

Partners are one of the ways Fastly creates new value for customers, reaches new markets, and builds things we couldn’t do alone. Our strategy is to create economic, reputational, and technical value with our partners and to be the engine that powers their revenue and growth. To achieve this, we partner with a number of global channel partners who offer our performant and secure solutions on top of their own value-added services. We work with top cloud service providers to combine our complementary products and services and to offer streamlined procurement through cloud marketplaces. We also partner with a number of third-party technical partners to extend our capabilities across new markets and use-cases. Ultimately, partners help our customers by:

•Providing a complete suite of value-added services and solutions

•Offering flexible and efficient engagement and purchasing models

•Acting as a single point of contact; and

•Extending geographic coverage and support.

Channel Partners. Fastly’s partners take full advantage of our powerful, open, and programmable edge cloud platform to build and deliver high-margin services and value-added offerings for end customers. Our partner program operates like a flywheel to innovate, market, sell, and deliver solutions jointly with our partners. The three primary channel partner types we work with are:

•Referral partners: Recommend Fastly products to their customers for a commission and include partners like agencies and consultants.

18

•Reseller partners: Act as a reseller to offer additional value on top of Fastly’s products and services and include partners like value-added resellers, system integrators, and more.

•MSP and MSSP partners: Managed Service Providers (MSP) and Managed Security Service Providers (MSSP) can earn technical certifications to provide certified implementation services and/or embed Fastly technology to enhance their SaaS or Platform as a Service offerings.

Partners work with Fastly’s sales and presales teams to scale sales cycle support. This helps expand our worldwide network of partners dedicated to protecting and delivering customers’ content. We have expanded the reach and breadth of these partners to include cross-selling delivery and security products. We have made significant investments in this area by adding additional channel sales and marketing resources, technical training and enablement, partner discounts, and an elevated partner program to offer partners even more benefits.

Cloud Partners. We integrate with major cloud providers to enhance their services and create solutions that are powerful, scalable, and secure. We have exclusive Private Network Interconnects (PNIs) and peering arrangements with key cloud providers such as Google Cloud Platform, AWS, and others to eliminate or minimize egress fees, enhance security, and improve overall performance. We are also available for purchase on the Google Cloud Marketplace and AWS Marketplace which can help eliminate the need for customers to have separate billing arrangements and makes Fastly services eligible for Google Cloud and AWS committed spends. We have strong go-to-market relationships with our cloud partners which allow us to access the benefits of their partner programs like joint business planning, co-selling, account support, added marketing funding, and more.

Integration Partners. We integrate with a number of third-party partners who offer complementary technology across a number of strategic use-cases and industries. These partners help expand our reach into new markets by offering customers a solution that seamlessly integrates with their existing technology stack making our technology even stickier. Here are some examples:

•Security: Our Next-Gen WAF integrates seamlessly with a broad ecosystem of third-party tools, enabling customers to streamline workflows, strengthen DevOps processes, enhance security visibility, and improve operational efficiencies. Our Next-Gen WAF supports Kubernetes and service mesh and API gateway technologies such as Envoy, Istio, and Ambassador to accommodate modern microservices architectures. It is also compatible with major cloud and platform providers, including Amazon Web Services, Microsoft Azure, Heroku, and VMware Tanzu.

The Fastly Next-Gen WAF is also integrated with A10 Networks ADC appliances enabling optional application security controls for their customers. This partnership expands our reach to new customer segments, including organizations that primarily operate in private data centers, maintain a smaller public cloud footprint, or are located in different geographic regions where Fastly has had more limited historical penetration.

•Logging & Analytics: Our real-time logging feature integrates with more than 20 logging endpoint partners to allow customers to customize and visualize their edge data for better monitoring of performance and security anomalies. Examples include DataDog, Looker (Google Cloud), SumoLogic, Logentries, Google Cloud Platform (GCP), Microsoft (Azure Blob Storage), and more.

•Compute: We work with a growing ecosystem of partners who are tapping into our powerful Compute serverless technology to extend their solutions across a variety of different use-cases.

•Media & Entertainment: We have partnerships across a number of technology providers in the media and entertainment industry to enhance our edge platform’s performance features, modern security offerings, and real-time metrics.

Competition

Our platform spans several markets from cloud computing and cloud security to CDNs. We segment the competitive landscape into six key categories:

19

•Legacy CDN platform solutions like Akamai;

•Application and API security vendors like Akamai, Cloudflare, F5, and Thales (Imperva);

•Point CDN players like Bunny CDN, CDNetworks, CDN77, and Qwilt;

•CDN providers that also offer serverless edge compute functionality like Akamai and Cloudflare;

•Public cloud providers that have added CDN and WAF capabilities like Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft (Azure); and

•Traditional on-premise, data center appliance vendors for load balancing, WAF, and/or DDoS like F5, Thales (Imperva), and Radware.

The principal competitive factors in our market include:

•platform functionality, scalability, performance, ease of use, ease of integration and programmability, reliability, security availability, and cost effectiveness;

•global network coverage and availability;

•ability to support modern application development processes and utilize new and proprietary technologies to offer services and features previously not available in the marketplace;

•ability to identify new markets, applications, and technologies;

•ability to attract and retain customers;

•brand, reputation, and trustworthiness;

•credibility with developers;

•quality of customer support;

•ability to recruit software engineers and sales and marketing personnel;

•ability to develop and protect intellectual property; and

•ability to identify opportunities for acquisitions and strategic relationships and successfully execute on them.

We believe we generally compete favorably with our competitors on the basis of these factors. Our edge cloud platform integrates many of the point products offered by our competitors which is a key differentiator. However, many of our competitors have substantially greater financial and technical resources in addition to larger sales and marketing budgets, broader market distribution, and more mature intellectual property portfolios.

20

Our Culture and Human Capital Resources

Our Values

Technology has the potential to make a radically positive impact on the world, and we aspire to improve human lives through our work. We were founded on strong ethical principles, and have intentionally grown values-first, scaling our workforce, services, customer portfolio, and investment partners purposefully. Our values guide our hiring practices as well as the ethics we are committed to upholding as we scale. We believe that as a result of our values, we have been able to identify, attract, engage and retain great people. We want to serve the very best of the Internet. We choose to work with customers that we believe have integrity, are trustworthy, and do not promote violence or hate. Our eight core values define who we are and how we choose to grow, hire, train, work, communicate, make decisions, support each other, and serve our customers.

Our Hiring Strategy

At Fastly, our ability to innovate and compete in the edge compute, delivery, security, and observability markets is directly tied to our ability to attract and retain specialized technical talent. We view our workforce as a strategic extension of our platform architecture: distributed, resilient, and high-performing.

Cultivating Technical Excellence and Belonging We are committed to building a workforce comprised of highly qualified individuals who reflect our core values. Our engineering recruitment focuses on attracting world-class experts in the foundational technologies of the internet, including Rust, WASM, and high-scale network security to foster our edge computing innovation.

Strategic Talent Pipelines and Development To maintain a competitive edge and a service-oriented culture, we leverage non-traditional talent pipelines. A key component of our strategy is our internal mobility program, which identifies high-potential talent from various backgrounds and technical training programs for our support organizations. These individuals often transition into broader roles across the company, infusing our product and engineering teams with a deep, customer-centric mindset and practical operational experience.

Total Rewards and Retention To attract and retain our highly qualified employees and executive team, we offer a competitive compensation program designed to align employee interests with long-term company success. This program includes a combination of competitive base salaries, performance-based incentives, comprehensive benefits, and a robust equity compensation component intended to motivate and reward long-term commitment and innovation.

21

We are building a global workforce and an inclusive culture that empowers and supports our employees and customers, regardless of background. We onboard all new employees with training programs on our values, our business, and important policies, including our Safe, Welcoming, and Productive Work Environment Policy. Annually thereafter we provide employees with code of conduct and security awareness training, a learning reimbursement program and performance evaluations. Our employee engagement efforts currently include company-wide newsletters and all-hands meetings, through which we aim to keep our employees well-informed and increase transparency. Our Employee Resource Groups are open to all employees and focus on making Fastly a better place where all employees are included, valued and engaged. We also use employee engagement surveys to collect employee feedback and assess the effectiveness of our culture, our strategy, and various health and well-being programs.

Employees

As of December 31, 2025, we had a total of 1,140 employees worldwide and 258 employees located outside of the United States; 47% of our employees resided within 50 miles of a Fastly office and 53% of our employees worldwide were considered remote, which means they resided more than 50 miles from a Fastly office or in locations where we do not have a Fastly office. We will continue to search for the best possible talent for every role and cultivate best-in-class in-office and remote employee experiences.

Our Organization

Sales & Marketing

Sales and marketing work closely to attract new customers and expand the adoption of our platform to help customers drive business outcomes.

We are building a go-to-market engine that scales, becomes increasingly more efficient, and is nimble enough to continue to grow our business in four dimensions:

•Customer logo acquisition

•Expansion into additional vertical markets and within existing customers

•Partner ecosystem leverage

•International expansion

Fastly’s marketing efforts have a significant impact on new logo acquisition, demand generation, and brand awareness. We are focused on optimizing the return on our marketing investment to drive demand across our portfolio and regions.

Our sales and marketing organizations collaborate to cultivate customer relationships with developers and business leaders at enterprises and technology-savvy organizations to drive revenue growth. We have geographically-based sales teams that continue to enhance our value-based selling methodology. Our land and expand sales strategy for enterprise customers has successfully demonstrated our platform’s capabilities, and our customer support enables broad adoption of our technology within an organization.

Customer Support

We have designed our products and platform to be self-service and require minimal customer support. Customers are automatically covered by our Standard support plan as soon as they sign up with us. They can file a ticket with the support team, and access documentation including online FAQs, API references, and configuration guidelines. Our support approach is unique and built with developers in mind. Our first-line support employee typically has an engineering background and is highly technical.

We also provide several options for premier, hands-on support from a team of highly-technical senior support engineers and technical account managers. They act as a single point of contact for our support, product, and engineering teams. Our support model is global, with 24/7 coverage and support offices located in North America, EMEA, and APAC.

22

Research & Development

Our research and development team members are responsible for the design, development, and reliability of all aspects of our edge cloud platform. Continuous improvement and innovation are core to our DNA, and these efforts are baked directly into our service life cycle. Scale, performance, security, and reliability are core functional requirements of everything we build into our platform to serve our customers.

Our philosophy of customer empowerment guides our research processes. Our product managers regularly engage with customers and developers, DevOps and site reliability engineering communities, as well as our internal stakeholders and subject matter experts, in order to understand customer needs. Our engineering team includes experts with deep experience who intimately understand customers’ technical challenges and build solutions that deliver outcomes our customers value the most.

Throughout the strategic design and build phases of our product life cycle, our development organization works closely with our product, infrastructure, operations, and compliance teams to design, develop, test, and launch any given solution. We strive for a balance of rapid iteration without compromise on the core functional requirements that our customers expect: scale, performance, security, and reliability.

As of December 31, 2025, we had 415 employees in our research and development group. Our research and development expenses were $162.7 million for the year ended December 31, 2025.

Infrastructure

Our infrastructure team is responsible for the design, deployment, and maintenance of the servers and network hardware that form the foundation of our mission critical edge cloud environment. We invest in research into global Internet geography to identify optimal colocation site selection, network partner identification, and network-to-network interconnection opportunities. These activities allow us to connect in close proximity to core Internet backbones and Internet service providers, thereby enhancing network performance. We carefully evaluate and test hardware from leading server, network, and component manufacturers to assess their compliance with our workload performance, system efficiency, and mean time-to-repair standards. In our process, we evaluate commodity server and network platforms to avoid vendor lock-in, while optimizing the mix of components in an effort to improve efficiency and optimize our capital expenditures. We intend to grow the number of data center colocation sites as traffic on our network grows and as demand for new markets justify investment.

Trust

Our security, compliance and data governance teams, as well as other departments across the company, continually iterate on our trust programs to better meet growing customer needs, updated regulatory requirements, and the evolving security threat landscape. To help validate the controls that safeguard our platform and the data moving through it, we have expanded our portfolio of security and compliance-related assessments and certifications over time.

Intellectual Property

We rely on a combination of patent, copyright, trademark, and trade secret laws in the United States and other jurisdictions, as well as license agreements and other contractual protections, to protect our proprietary technology. We also rely on a number of registered and unregistered trademarks to protect our brand.

As of December 31, 2025, in the United States, we had 112 issued or allowed patents, which expire between August 2033 and March 2043, 5 patent applications pending for examination. As of such date, we also had 22 issued patents and one patent application published or pending for examination in foreign jurisdictions, all of which are related to U.S. patents and patent applications. In addition, as of December 31, 2025, we had 18 registered trademarks and no pending trademarks in the United States. As of such date, we also had 35 registered trademarks in foreign jurisdictions.

In addition, we seek to protect our intellectual property rights by requiring our employees and independent contractors involved in development of intellectual property on our behalf to enter into agreements acknowledging that all works or other intellectual property generated or conceived by them on our behalf are our property, and assigning to us any rights, including intellectual property rights, that they may claim or otherwise have in those works or property, to the extent allowable under applicable law.

23

Despite our efforts to protect our technology and proprietary rights through intellectual property rights, licenses, and other contractual protections, unauthorized parties may still copy or otherwise obtain and use our software and other technology. In addition, we intend to continue to expand our international operations, and effective intellectual property, copyright, trademark, and trade secret protection may be unavailable or limited in foreign countries. Any significant impairment of our intellectual property rights could harm our business or our ability to compete. Further, companies in the communications and technology industries own large numbers of patents, copyrights, and trademarks and frequently threaten litigation, or file suit based on allegations of infringement or other violations of intellectual property rights. We are currently subject to, and expect to face in the future, allegations that we have infringed the intellectual property rights of third parties. From time to time, we also receive demands for indemnification from our customers under the terms of our contracts with them for infringement of a third-party’s intellectual property rights.