Cloudflare Announces API Gateway; Increases Security for Billions of Devices and Systems with Robust Machine Learning Engine

Now organizations can secure, manage, and monitor all of their APIs in one easy-to-use dashboard

San Francisco, CA, March 16, 2022 — Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced the Cloudflare API Gateway, providing businesses a simple, fast, and effective way to protect and control all of their APIs (application programming interfaces). Organizations are using APIs more than ever before, yet many of them struggle to secure this traffic as legacy solutions are often expensive, overly complex, and slow. Cloudflare API Gateway will simplify the process of identifying, securing, and managing APIs of any protocol on one of the world’s largest and most interconnected networks.

The world runs on APIs—our phones, smartwatches, banking systems, and shopping sites all rely on APIs to communicate—and API traffic generates more than 50% of all the HTTP requests on Cloudflare’s global network. With this explosive growth it has become more critical than ever for businesses of all sizes to have robust protection and a clear view of their API suite. According to Gartner®: “API security challenges have emerged as a top concern for most software engineering leaders, as unmanaged and unsecured APIs create vulnerabilities that could accelerate multimillion dollar security incidents.” However, traditional legacy solutions are often difficult to implement, expensive to run, and unreasonably slow. Now, Cloudflare API Gateway provides a single hub allowing businesses to quickly discover APIs they weren’t aware of and easily secure them in just a few clicks.

“APIs were never built with security in mind. Yet, today APIs are involved in nearly every app a consumer or employee touches, often carrying our sensitive personal data,” said Matthew Prince, CEO and co-founder of Cloudflare. “Every day Cloudflare’s network blocks about 86 billion cyber threats for our customers. We’re confident that no other API tool sees the breadth or volume of threats that we do. We’ve built next generation AI and Machine Learning engines that take API management to a new level; automatically detecting new APIs and preventing threats. As with other Cloudflare products, API Gateway will do all of this at a fraction of the cost and without the latency introduced by legacy solutions.”

With Cloudflare API Gateway, businesses will be able to:

  • Identify and stop API abuse: Leveraging Cloudflare’s unique Machine Learning engine that processes 32+ million requests per second, customers can now automatically analyze their API traffic to detect and prevent API abuses.
  • Automatically detect unmanaged APIs: As API use grows, sometimes developers may publish APIs that security teams aren't aware of. Cloudflare API Gateway passively scans the entire network and automatically lists API endpoints for complete visibility.
  • Create and manage APIs directly with Cloudflare Workers: Customers will be able to use integrations with Cloudflare Workers to create lightweight, dynamic APIs that run at our edge.
  • Offload authentication and authorization: The gateway will support industry protocols like OAuth 2.0, JSON Web Tokens (JWT) as well as leverage authentication methods available in Cloudflare Access such as Mutual TLS and service tokens.
  • Seamlessly route, log, and measure API requests: Cloudflare's existing products, like Transform Rules, will introduce native gateway functionality without adding latency, helping keep Cloudflare’s API Gateway as fast as possible.

Schema Validation, API Discovery, mTLS, and API Abuse detection are available today, with remaining features coming later this year. To learn more about Cloudflare API Gateway, please check out the resources below:

Source: Gartner, “Predicts 2022: APIs Demand Improved Security and Management”, Shameen Pillai, Jeremy D'Hoinne, John Santoro, Mark O'Neill, Sham Gill, 6 December 2021. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

About Cloudflare Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was named to Entrepreneur Magazine’s Top Company Cultures 2018 list and ranked among the World’s Most Innovative Companies by Fast Company in 2019. Headquartered in San Francisco, CA, Cloudflare has offices in Austin, TX, Champaign, IL, New York, NY, San Jose, CA, Seattle, WA, Washington, D.C., Toronto, Lisbon, London, Munich, Paris, Beijing, Singapore, Sydney, and Tokyo.

Forward-Looking Statements This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as “may,” “will,” “should,” “expect,” “explore,” “plan,” “anticipate,” “could,” “intend,” “target,” “project,” “contemplate,” “believe,” “estimate,” “predict,” “potential,” or “continue,” or the negative of these words, or other similar terms or expressions that concern our expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding the the growth of API usage and traffic, the capabilities and effectiveness of Cloudflare API Gateway, the potential benefits to customers of using Cloudflare API Gateway, the timing of when Cloudflare API Gateway and the various features included in Cloudflare API Gateway will be generally available to all current and potential Cloudflare customers, Cloudflare’s technological development, future operations, growth, initiatives, or strategies, and comments made by Cloudflare’s CEO and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in Cloudflare’s filings with the Securities and Exchange Commission (SEC), including Cloudflare’s Annual Report on Form 10-K filed on March 1, 2022, as well as other filings that Cloudflare may make from time to time with the SEC.

The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. Cloudflare undertakes no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. Cloudflare may not actually achieve the plans, intentions, or expectations disclosed in our forward-looking statements, and you should not place undue reliance on Cloudflare’s forward-looking statements.

© 2022 Cloudflare, Inc. All rights reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the U.S. and other jurisdictions. All other marks and names referenced herein may be trademarks of their respective owners.

Press Contact Information
Daniella Vallurupalli
+1 650-741-3104