Improved Cloudflare Workers testing via Vitest and workerd03/15/2024Today, we’re excited to announce a new Workers Vitest integration - allowing you to write unit and integration tests via the popular testing framework, Vitest, that execute directly in our runtime, workerd...Continue reading »Brendan CollAdam Murray
Undersea cable failures cause Internet disruptions for multiple African countries03/14/2024Cloudflare RadarOutageInternet TrafficTrendsInternet connectivity in several African countries was disrupted on March 14, 2024, beginning at approximately 05:00 UTC. Based on published reports and social media posts from impacted network providers, the disruption is believed to be due to multiple undersea cable failures in the region...João ToméDavid Belson
Upcoming Let’s Encrypt certificate chain change and impact for Cloudflare customers03/14/2024SecurityDevelopersDeveloper PlatformSSLTLSApplication SecurityLet’s Encrypt’s cross-signed chain will be expiring in September. To prepare for the change, after May 15th, 2024, Cloudflare will start issuing certs from Let’s Encrypt’s ISRG X1 chain. This change will impact legacy devices with outdated trust stores (Android versions 7.1.1 or older)...Dina Kozlov
Mitigating a token-length side-channel attack in our AI products03/14/2024Bug BountyLLMVulnerabilitiesDeveloper PlatformWorkers AIAI GatewaySASEThe Workers AI and AI Gateway team recently collaborated closely with security researchers at Ben Gurion University regarding a report submitted through our Public Bug Bounty program. Through this process, we discovered and fully patched a vulnerability affecting all LLM providers. Here’s the story...Celso MartinhoMichelle Chen
Security Week 2024 wrap up03/11/2024Security WeekZero TrustApplication SecurityEmail SecurityAIA summary of the blog posts and product announcements released during Security Week 2024...Daniele MolteniAnkur Aggarwal
Log Explorer: monitor security events without third-party storage03/08/2024Security WeekAnalyticsLogsSecurityR2 StorageSIEMProduct NewsWith the combined power of Security Analytics + Log Explorer, security teams can analyze, investigate, and monitor for security attacks natively within Cloudflare, reducing time to resolution and overall cost of ownership for customers by eliminating the need to forward logs to third-party SIEMs...Jen SellsClaudio JolowiczCole MacKenzie
Launching email security insights on Cloudflare Radar03/08/2024Security WeekCloudflare RadarEmailEmail RoutingEmail SecurityTrendsThe new Email Security section on Cloudflare Radar provides insights into the latest trends around threats found in malicious email, sources of spam and malicious email, and the adoption of technologies designed to prevent abuse of email...David Belson
Protocol detection with Cloudflare Gateway03/08/2024Security WeekCloudflare GatewayZero TrustCloudflare Gateway, our secure web gateway (SWG), now supports the detection, logging, and filtering of network protocols using packet payloads without the need for inspection...Ankur Aggarwal
Network performance update: Security Week 202403/08/2024Security WeekNetwork Performance UpdateNetworkCloudflare is the fastest provider in 44% of networks around the world for 95th percentile connection time. Let’s dig into the data and talk about how we do it...David Tuber
Harnessing chaos in Cloudflare offices03/08/2024Security WeekRandomnessLavaRandThis blog post will cover the new sources of “chaos” that have been added to LavaRand and how you can make use of that harnessed chaos in your next application...Cefan Daniel RubinLuke ValentaThibault Meunier
Introducing Requests for Information (RFIs) and Priority Intelligence Requirements (PIRs) for threat intelligence teams03/08/2024Security WeekCloudforce OneSecurityThreat IntelligenceApplication ServicesVisibilityOur Security Center now houses Requests for Information (RFIs) and Priority Intelligence Requirements (PIRs). These features are available via API as well and Cloudforce One customers can start leveraging them today for enhanced security analysis...Javier CastroAlexandra Moraru
Cloudflare’s URL Scanner, new features, and the story of how we built it03/08/2024Security WeekURL ScannerSecurityAPIDiscover the enhanced URL Scanner API: Now with direct access from the Security Center Investigate Portal, enjoy unlisted scans, multi-device screenshots, and seamless integration within the Cloudflare ecosystem...Sofia CarditaAlexandra Moraru
Cloudflare protects global democracy against threats from emerging technology during the 2024 voting season03/07/2024Security WeekElection SecurityIn 2024, more than 80 national elections are slated to occur, directly impacting approximately 4.2 billion individuals. At Cloudflare, we’re ready to support a range of players in the election space by providing security, performance, and reliability tools to help facilitate the democratic process...Jocelyn Woolbright
Building secure websites: a guide to Cloudflare Pages and Turnstile Plugin03/07/2024Security WeekTurnstileCAPTCHASecurityCloudflare PagesBotsSpeed & ReliabilityLearn how to use Cloudflare Pages and Turnstile to deploy your website quickly and easily while protecting it from bots, without compromising user experience. Follow our tutorial here for a seamless integration...Sally Lee
Free network flow monitoring for all enterprise customers03/07/2024Security WeekMagic Network MonitoringNetworkMonitoringIoTMagic TransitMagic WANCloudflare OneToday, we’re excited to announce that a free version of Cloudflare’s network flow monitoring product, Magic Network Monitoring, is now available to all Enterprise Customers...Chris Draper
Advanced DNS Protection: mitigating sophisticated DNS DDoS attacks03/07/2024Security WeekDNSAdvanced DDoSNetwork ProtectionWe're proud to introduce the Advanced DNS Protection system, a robust defense mechanism designed to protect against the most sophisticated DNS-based DDoS attacks...Omer YoachimikCody Doucette
General availability for WAF Content Scanning for file malware protection03/07/2024Security WeekWAFWAF RulesContent ScanningProduct NewsGeneral AvailabilityAnti MalwareAnnouncing the General Availability of WAF Content Scanning, protecting your web applications and APIs from malware by scanning files in-transit...Radwa RadwanPaschal ObbaShreya Shetty
Collect all your cookies in one jar with Page Shield Cookie Monitor03/07/2024Security WeekPage ShieldPrivacyProduct NewsProtecting online privacy starts with knowing what cookies are used by your websites. Page Shield extends transparent monitoring to HTTP cookies, empowering security and compliance teams with an easy overview without the need for an external scanner, nor changing existing web applications...Zhiyuan Zheng
Magic Cloud Networking simplifies security, connectivity, and management of public clouds03/06/2024Security WeekNetworkAWSEC2Google CloudMicrosoft AzureSASECloudflare OneMulti-CloudZero TrustProduct NewsMagic WANIntroducing Magic Cloud Networking, a new set of capabilities to visualize and automate cloud networks to give our customers secure, easy, and seamless connection to public cloud environments...Steve WelhamDavid Naylor
Linux kernel security tunables everyone should consider adopting03/06/2024Security WeekLinuxKernelDeep DiveSecurityThis post illustrates some of the Linux Kernel features, which are helping us to keep our production systems more secure. We will deep dive into how they work and why you may consider enabling them as well...Ignat Korchagin
Cloudflare treats SASE anxiety for VeloCloud customers03/06/2024SASEMagic WANCloudflare NetworkSecurity WeekSecurityThe turbulence in the SASE market is driving many customers to seek help. We’re doing our part to help VeloCloud customers who are caught in the crosshairs of shifting strategies...Brian Tokuyoshi