Security Week 2022

Welcome to our first innovation week of the year: Security Week! In this post we will be going over Cloudflare’s security products’ history giving you an introduction to all the great announcements we have planned.

Once the acquisition of Area 1 closes, we plan to give all paid self-serve plans access to their email security technology at no additional charge

The data we glean from attacks trains our machine learning models and improves the efficacy of our network and application security products, but historically hasn’t been available to query directly. This week, we’re changing that

We are excited to provide our new Cloudflare Web Application Firewall, with a Free Managed Ruleset to all Cloudflare users

Today we’re announcing the Cloudflare API Gateway. We’re going to completely replace your existing gateway at a fraction of the cost

We're very excited to announce multiple new integrations with CrowdStrike. These integrations combine the power of Cloudflare’s expansive network and Zero Trust suite, with CrowdStrike’s Endpoint Detection and Response (EDR) and incident remediation offerings

Right now we’re working on making the out-of-band CASB product a seamless part of the Zero Trust platform

Being a single pane of glass for all network activity has always been one of Cloudflare’s goals. Today, we’re outlining the future vision for Cloudflare observability.

In this post, we share some of the insights we’ve gathered from the 32 million HTTP requests/second that pass through our network

We are excited to introduce backup certificates to increase reliability of our service for anyone using the Cloudflare platform in the event of key compromises or related issues.

Correlating Cloudflare logs across your stack in New Relic One is powerful for monitoring and debugging in order to keep services safe and reliable. We’re excited to have partnered with New Relic to create a direct integration that provides this visibility.

We’re excited to announce that Cloudflare customers are now able to push their logs directly to QRadar. This direct integration leads to cost savings and faster log delivery for Cloudflare and QRadar SIEM customers.

The security landscape is moving fast. We invited users to help us shape a new WAF experience that enables us to evolve WAF to meet their demands and use cases

Today, we’re excited to give our SaaS providers new tools that will help them enhance the security of their customers’ applications

Today we are excited to complement managed rulesets (such as OWASP and Cloudflare Managed) with a new tool aimed at identifying bypasses and malicious payloads without human involvement, and before they are exploited

If you have Cloudflare Zaraz enabled on your website, you don’t have to ask yourself twice if you should enable CSP because there’s no harmful collision between CSP & Cloudflare Zaraz.

Advance Rate Limiting allows counting requests based on virtually any characteristics of the HTTP request, regardless of its source IP

Our customers can choose to allowlist any bot that is verified. Unfortunately, new bots are popping up faster than we can verify them. So today we’re announcing a solution: Friendly Bots

How Envoy Media uses Bot Score and Machine Learning to improve business outcomes

Today, we’re excited to announce that Clientless Web Isolation is generally available

How Cloudflare has evolved our Machine Learning models to identify automated traffic in mobile apps.

Today, we’re extending the availability of Magic Transit to customers with smaller networks by offering Magic Transit-protected, Cloudflare-managed IP space

Today, we’re excited to announce the general availability of on-demand packet captures from Cloudflare’s global network

Today we are excited to announce that Cloudflare and Aruba are working together to develop a solution that will enable Aruba customers to connect EdgeConnect SD-WAN’s with Cloudflare's global network to further secure their corporate traffic with Cloudflare One

Today, we’re excited to announce the ability to route traffic from user devices with our lightweight roaming agent (WARP) installed to any network connected with our Magic IP-layer tunnels

As a company, we are constantly asking ourselves what we can do to provide more value to our customers, including integrated solutions with our partners.

We built SSH command logging into Cloudflare Zero Trust to provide SSH visibility at a network layer instead of relying on software on individual machines

Starting today, you can build Zero Trust rules that require periodic authentication to control network access

Cloudflare is committed to bolstering our security posture with best-in-class solutions — which is why we often turn to our own products as any other Cloudflare customer would.

Cloudflare has been hooked on securing customers globally since its inception. Our services protect customer traffic and data as well as our own, and we are continuously improving and expanding those services to respond to the changing threat landscape of the Internet

Cloudflare is making it easier for enterprise account owners to manage their team’s access to Cloudflare by allowing user access to be scoped to sets of domains

We asked ourselves: can we use our own products to secure IoT devices themselves — even on the same network as production systems? Using Cloudflare One, the answer is yes.