SOLUTIONS
Deliver Superior Online Experiences
Mitigate DDoS Attacks Stop Malicious Bot Abuse Accelerate Internet Applications Ensure Application Availability Optimize Web Experiences Stream Videos On-Demand Superior Online Experience for China Users
Secure Employee Applications and Devices
Deliver Zero Trust Access to Applications Implement Secure Access Service Edge (SASE) Protect Users Accessing the Internet Protect Corporate Networks Manage Secure Contractor Access Replace Virtual Private Networks (VPNs) Secure Your Remote Workforce Stop Zero Day Attacks with Browser Isolation
 
Protect and Accelerate Networks
Cloudflare's Network Services Mitigate L3 DDoS Attacks Connect network infrastructure with Cloudflare Transform Corporate Networks
Code on the Network Edge
Build a Serverless Application Deploy a Static Website Configure a CDN Define Conditional Request Routing
Manage a Secure Cloud
Secure Hybrid, Cloud, & SaaS Platforms Enable SSL for SaaS Applications Reduce Cloud Data Transfer Costs
Register a Website
Register or Transfer a Website
INDUSTRIES
eCommerce Financial Services Gaming Healthcare and Life Sciences Media and Entertainment Public Sector SaaS Education
PUBLIC INTEREST
Election Campaigns Athenian Project Project Galileo Project Fair Shot
FOR INFRASTRUCTURE
Application & Network Security
API Shield Bot Management DDoS Protection Magic Transit Magic WAN Network Interconnect Rate Limiting TCP / UDP Applications SSL / TLS SSL/TLS for SaaS Providers WAF
Performance & Reliability
Argo Smart Routing CDN China Network DNS Load Balancing Stream Delivery Waiting Room
FOR TEAMS
Cloudflare for Teams Access Gateway Browser Isolation
FOR DEVELOPERS
Serverless Applications
Cloudflare Workers Cloudflare Workers KV
Domain Registration
Cloudflare Registrar
Website Development
Cloudflare Pages Cloudflare Stream
SaaS Developers
Cloudflare for SaaS
FOR EVERYONE
1.1.1.1 1.1.1.1 with WARP (App) 1.1.1.1 for Families
INSIGHTS
Analytics Cloudflare Logs Web Analytics Cloudflare Radar
PRIVACY
Data Localization Compliance
FOR INFRASTRUCTURE
Advanced Security
Bot Management Firewall rules Magic Transit Spectrum (TCP/UDP) SSL WAF
Performance & Reliability
CDN DNS Image Resizing Load Balancing Stream (Video)
 
Insights
Analytics
Domain Registration
Registrar
FOR SERVERLESS APPLICATIONS
Workers Quick Start Cloudflare Pages Sample Workers Projects Workers Tutorials Command-line (Wrangler) Runtime
FOR TEAMS
Cloudflare for Teams
EXPLORE CLOUDFLARE API
Cloudflare API API Authentication
DOCUMENTATION HUB
Dev Documentation Hub
RESOURCES
Resource Hub Whitepapers Webinars Solutions & Product Guides Case Studies Analysts
EXPLORE
What's New? Network Map Cloudflare in China GDPR
GET STARTED
Register Your Website Welcome Center Get Help
LEARN
Learning Center Security DDoS Bot Management SSL Identity and Access Management Performance CDN DNS Cloud Serverless Network Layer
CONNECT
Blog Community
TRUST
Trust Hub Privacy & Data Protection Certifications Trust & Safety GDPR Legal Documentation
CONTACT
+1 650 319 8930
CHANNEL & ALLIANCE PARTNERS
Partner Network Partner Portal
TECHNOLOGY PARTNERS
Overview Analytics Partners Bandwidth Alliance Endpoint Security Partnerships Interconnect Partnerships Network On-ramp Partnerships Peering Portal
PRICING BY PLAN
Free Pro Business Enterprise
COMPARE AND EXPLORE
Need Help Choosing a Plan? Add Ons Compare All Plans

Certifications and compliance resources

Learn about Cloudflare’s adherence to industry-standard security compliance certifications and regulations.

Cloudflare was built to help you and your customers be more secure on the Internet. Learn about the certifications that help us preserve that security.

analytics privacy hero modified 616px

ISO 27001:2013

ISO/IEC 27001:2013 is an industry-wide accepted information security certification that focuses on the implementation of an Information Security Management System (ISMS) and security risk management processes. Cloudflare has been ISO 27001 certified since 2019 and the certificate is available upon request.

ISO 27701:2019

ISO/IEC 27701:2019 is a new ISO privacy certification, implementing a comprehensive Privacy Information Management System (PIMS) aligned with various privacy regulations including the GDPR. Cloudflare has been ISO 27701 certified as a PII Processor and PII Controller since 2021 — read our blog below to learn more.

ISO 27018:2019

ISO/IEC 27018:2019 is an international privacy certification that extends an Information Security Management System (ISMS) to protect personal data when being processed in a public cloud. Cloudflare has been ISO 27018 certified since 2022 and the certificate is available upon request.

FedRAMP Moderate

Cloudflare maintains FedRAMP Moderate Agency authorization, allowing federal agencies to adopt Cloudflare's performance, security and Zero Trust solutions. Cloudflare for Government has been FedRAMP Authorized since 2022. For more information on Cloudflare's FedRAMP authorization, visit the FedRAMP marketplace

SOC 2 Type II

Cloudflare has undertaken the AICPA SOC 2 Type II certification to attest to Security, Confidentiality, and Availability controls in place in accordance to the AICPA Trust Service Criteria. Cloudflare's SOC 2 Type II report covers security, confidentiality, and availability controls to protect customer data and is available upon request.

PCI DSS 3.2.1

Cloudflare maintains PCI DSS Level 1 compliance and has been PCI compliant since 2014. Cloudflare's Web Application Firewall (WAF), Cloudflare Access, Content Delivery Network (CDN), Time Service, Workers, and Workers KV are PCI compliant solutions. Cloudflare is audited annually by a third-party Qualified Security Assessor QSA. Cloudflare's Attestation of Compliance is available upon request

WCAG 2.1 AA and Section 508

Cloudflare's dashboard completes Voluntary Product Accessibility Template (VPAT) in compliance with international standards set forth by the Web Content Accessibility Guidelines (WCAG) 2.1 AA and in conformance with legal standards set forth by Section 508 of the Rehabilitation Act.

BSI Qualification

Cloudflare has been recognized by the German government's Federal Office for Information Security as an qualified provider of DDoS mitigation services. Download this qualification to learn more.

C5:2020

Cloud Computing Compliance Criteria Catalogue (C5:2020) is an auditing standard created by Germany's Federal Office for Information Security (BSI). The C5 standard ensures cloud service providers adhere to a baseline of information security criteria. The C5 report covers security controls to protect customer data and is available upon request.

1.1.1.1 Public DNS Resolver Privacy Examination

On April 1, 2018, we took a big step toward improving Internet privacy and security with the launch of the 1.1.1.1 public DNS resolver - the Internet's fastest, privacy-first public DNS resolver. Cloudflare conducted a first-of-its-kind privacy examination by a Big Four accounting firm to determine whether the 1.1.1.1 resolver was effectively configured to meet Cloudflare’s privacy commitments. See below for more information.

To provide you with the best possible experience on our website, we may use cookies, as described here.
By clicking accept, closing this banner, or continuing to browse our websites, you consent to the use of such cookies.