Not yet. Fastly has not publicly deployed post-quantum TLS on its edge network. Fastly uses classical TLS with RSA/ECDSA for content delivery and compute@edge services.
Key Takeaway: Fastly is NOT quantum safe. Scan your Fastly-connected infrastructure with QScout. Monitor Fastly security announcements for PQC support. Evaluate CDN provider PQC readiness as part of vendor risk assessment.
Fastly is NOT quantum safe today. **Current State:** Fastly's CDN and Compute@Edge platform use TLS 1.2/1.3 with classical RSA and ECDSA certificates for all client-facing and origin connections. **PQC Progress:** Fastly has shown PQC awareness but no public deployment: - **Edge TLS**: No public announcement of PQC key exchange support. - **Compute@Edge**: WebAssembly runtime uses classical TLS for all external connections. - **Fastly uses H2O** (HTTP server) — PQC support would require H2O library updates. **HNDL Risk:** Fastly delivers content for high-traffic websites and APIs. Classical TLS on Fastly's edge creates HNDL exposure for all traffic passing through Fastly infrastructure. **What Organizations Should Do:** Audit your Fastly service configurations and origin connections. Use QScout to map your Fastly-connected cryptographic surface.
| Full Name | Fastly Edge Cloud Platform |
| Category | infrastructure |
| Quantum Vulnerability | Fastly edge TLS uses classical key exchange (RSA/ECDH) vulnerable to quantum attack. |
| NIST Status | Fastly has not publicly announced NIST PQC standard deployment. |
| Deprecation Timeline | Fastly has not published PQC migration timelines. |
| Replaced By | Fastly will need to deploy ML-KEM for TLS key exchange on its edge platform |
Scan your Fastly-connected infrastructure with QScout. Monitor Fastly security announcements for PQC support. Evaluate CDN provider PQC readiness as part of vendor risk assessment.
QScout discovers every instance of Fastly across your infrastructure in 7 days — with zero operational disruption. 72-hour time to first findings.