Security Week 2023

During this year's Security Week, we'll make Zero Trust even more accessible and enterprise-ready, better protect brands from phishing and fraud, streamline security management, deliver dynamic machine learning protections and more.

Updates and Annoucements

Welcome to Security Week

Welcome to Security Week 2023 we’ll demonstrate how Cloudflare is making it as easy as possible to shift from protecting applications, to protecting employees, and making sure they are protected everywhere.

Read the blog
Top 50 Most Impersonated Brands in phishing attacks and new tools you can use to protect your employees from them

We’re expanding the phishing protections available to Cloudflare One customers by automatically identifying—and blocking—so-called “confusable” domains. Common misspellings (cloudfalre.com) and concatenation of services (cloudflare-okta.com) are often registered by attackers to trick unsuspecting victims into submitting private information such as passwords, and these new tools provide an additional layer of protection against such attempts.

Read the blog
How to stay safe from phishing (and avoid being the bait)

Phishing attacks come in all sorts of ways to fool people. Email is definitely the most common, but there are others. Following up on our "Top 50 Most Impersonated Brands in Phishing Attacks" post, here are some tips to help you catch these scams before you fall for them.

Read the blog
Mutual TLS now available for Workers

Mutual TLS is used to secure a range of network services and applications: APIs, web applications, microservices, databases and IoT devices. With mTLS support for Workers you can use Workers to authenticate to any service secured by mTLS directly!

Read the blog
Locking down your JavaScript: positive blocking with Page Shield policies

Starting today, using Page Shield, Cloudflare’s client side security solution, you can ensure only vetted and secure JavaScript is being executed by your user’s browsers. Stop unwanted JavaScript and keep your end user data safe with Page Shield policies.

Read the blog
Using Cloudflare Access with CNI

We are thrilled to introduce an innovative new approach to secure hosted applications via Cloudflare Access without the need for any installed software or custom code on your application server. But before we dive into how this is possible, let's review why Access previously required installed software or custom code on your application server.

Read the blog
Cloudflare Aegis: dedicated IPs for Zero Trust migration

Lock down your services with Cloudflare Aegis: dedicated IPs for Cloudflare egress back to your applications.

Read the blog
No hassle migration from Zscaler to Cloudflare One with The Descaler Program

Cloudflare is excited to launch the Descaler Program, a frictionless path to migrate existing Zscaler customers to Cloudflare One. Cloudflare is making it even easier for enterprise customers to make the switch to a faster, simpler, and more agile foundation for security and network transformation.

Read the blog
The state of application security in 2023

One year ago we published our first Application Security Report. For Security Week 2023, we are providing updated insights and trends around mitigated traffic, bot and API traffic, and account takeover attacks.

Read the blog
Scan and secure Atlassian with Cloudflare CASB

Cloudflare CASB can now integrate and scan Atlassian products, Confluence and Jira, for critical security issues, like misconfigurations, data exposure, and third-party app risks. Start scanning in just a few clicks!

Read the blog
Adding Zero Trust signals to Sumo Logic for better security insights

Announcing the expansion of support for automated normalization and correlation of Zero Trust logs for Logpush in Sumo Logic’s Cloud SIEM.

Read the blog
Cloudflare One DLP integrates with Microsoft Information Protection labels

Cloudflare One now supports Data Loss Prevention using Microsoft’s Information Protection labels.

Read the blog
Zero Trust security with Ping Identity and Cloudflare Access

Cloudflare Access and Ping Identity offer a powerful solution for organizations looking to implement Zero Trust security controls to protect their applications and data.

Read the blog
How sophisticated scammers and phishers are preying on customers of Silicon Valley Bank

In order to breach trust and trick unsuspecting victims, threat actors overwhelmingly use topical events as lures. The news about what happened at Silicon Valley Bank is the latest event to watch out for and stay vigilant against opportunistic phishing campaigns using SVB as the lure

Read the blog
Announcing Cloudflare Fraud Detection

Cloudflare Fraud Detection uses machine learning models to better protect businesses from fake account signups, account takeover attacks, and carding attacks to ensure businesses can operate online safely.

Read the blog
Automatically discovering API endpoints and generating schemas using machine learning

Today we’re announcing that Cloudflare can now automatically discover all API endpoints and learn API schemas for all of our API Gateway customers. Customers can use these new features to enforce a positive security model on their APIs even if they have little-to-no information about their APIs today.

Read the blog
Detecting API abuse automatically using sequence analysis

Today, we're announcing Cloudflare Sequence Analytics for APIs. Using Sequence Analytics, Customers subscribed to API Gateway can view the most important sequences of API requests to their endpoints. This new feature helps customers to apply protection to the most important endpoints first.

Read the blog
Using the power of Cloudflare’s global network to detect malicious domains using machine learning

Cloudflare has developed proprietary models leveraging machine learning and other advanced analytical techniques to detect security threats that take advantage of the domain name system (DNS).

Read the blog
Analyze any URL safely using the Cloudflare Radar URL Scanner

Try our URL Scanner. Cloudflare Radar’s newest free tool for an under-the-hood look at any webpage.

Read the blog
Announcing WAF Attack Score Lite and Security Analytics for business customers

We are making the machine learning empowered WAF and Security analytics view available to our Business plan customers, to help detect and stop attacks before they are known.

Read the blog
Post-quantum crypto should be free, so we’re including it for free, forever

Cloudflare makes the most advanced cryptography free for everyone, and it’s in beta today.

Read the blog
No, AI did not break post-quantum cryptography

The recent news reports of AI cracking post-quantum cryptography are greatly exaggerated. In this blog, we take a deep dive into the world of side-channel attacks and how AI has been used for more than a decade already to aid it

Read the blog
Super Bot Fight Mode is now configurable!

Super Bot Fight Mode can be used with Skip rules now to allow for configurable deployments.

Read the blog
Protect your key server with Keyless SSL and Cloudflare Tunnel integration

Now, customers will be able to use our Cloudflare Tunnels product to send traffic to the key server through a secure channel, without publicly exposing it to the rest of the Internet

Read the blog
How Cloudflare and IBM partner to help build a better Internet

Cloudflare Fraud Detection uses machine learning models to better protect businesses from fake account signups, account takeover attacks, and carding attacks to ensure businesses can operate online safely.

Read the blog
Stop brand impersonation with Cloudflare DMARC Management

Brand impersonation continues to be a big problem globally. Setting SPF, DKIM and DMARC policies is a great way to reduce that risk, and protect your domains from being used in spoofing emails. But maintaining a correct SPF configuration can be very costly and time consuming, and that’s why we’re launching Cloudflare DMARC Management.

Read the blog
How we built DMARC Management using Cloudflare Workers

At Cloudflare, we use the Workers platform and our product stack to build new services. Read how we made the new DMARC Management solution entirely on top of our APIs.

Read the blog
Cloudflare partners with KnowBe4 to equip organizations with real-time security coaching to avoid phishing attacks

Cloudflare’s Area 1 Solution works with Knowbe4 to provide customers with security and awareness training.

Read the blog
Introducing custom pages for Cloudflare Access

As more users start their day with Cloudflare Access, we’re excited to announce new options to customize how those users experience our industry-leading Zero Trust solution. We’re excited to announce customizable Cloudflare Access pages including login, blocks and the application launcher.

Read the blog
Cloudflare Access is the fastest Zero Trust proxy

Cloudflare Access is 75% faster than Netskope and 50% faster than Zscaler, and our network is faster than other providers in 48% of last mile networks

Read the blog
One-click ISO 27001 certified deployment of Regional Services in the EU

Cloudflare announces one-click ISO certified region, a super easy way for customers to limit where traffic is serviced to ISO 27001 certified data centers inside the European Union

Read the blog
Wildcard and multi-hostname support in Cloudflare Access

We are thrilled to announce the full support of wildcard and multi-hostname application definitions in Cloudflare Access

Read the blog
Account Security Analytics and Events: better visibility over all domains

Revealing Account Security Analytics and Events, new eyes on your account in Cloudflare dashboard to give holistic visibility. No matter how many zones you manage, they are all there!

Read the blog
Wildcard and multi-hostname support in Cloudflare Access

We are thrilled to announce the full support of wildcard and multi-hostname application definitions in Cloudflare Access

Read the blog
Everything you might have missed during Security Week 2023

Learn how Cloudflare made it easier to shift from protecting applications, to protecting employees, and making sure they are protected everywhere during Security Week 2023.

Read the blog