The best part of our job is the time we spend talking to Cloudflare customers. We always learn something new and interesting about their IT and security challenges.

In recent years, something about those conversations has changed. More and more, the biggest challenge customers tell us about isn’t something that’s easy to define. And it’s definitely not something you can address with an individual product or feature.

Rather, what we’re hearing from IT and security teams is that they are losing control of their digital environment.

This loss of control comes in a few flavors. They might express hesitance about adopting a new capability they know they need, because of compatibility concerns. Or maybe they’ll talk about how much time and effort it takes to make relatively simple changes, and how those changes take time away from more impactful work. If we had to sum the feeling up, it would be something like, “No matter how large my team or budget, it’s never enough to fully connect and protect the business.”

Does any of this feel familiar? If so, let us tell you that you are far from alone.

The rate of change in IT and security is accelerating, bringing with it dreaded complexity. IT and security teams are responsible for a wider variety of technological domains than they were in years past. Recent research from Forrester confirms these shifts: of teams responsible for securing in-office, remote, and hybrid workers, 52% only took that on in the past five years. Meanwhile, 46% gained responsibility for managing and securing public cloud applications in that time, and 53% were handed the thorny issue of regulatory compliance.

IT and security teams have been handed a monumental challenge: connect remote teams, on-premises teams and infrastructure, multiple cloud environments, SaaS apps, and more, so they function like a single, secure environment. But doing so is difficult for multiple reasons:

• In most businesses, proprietary infrastructure, unique compliance needs, and semi-compatible processes and configurations make it hard to connect clouds, SaaS apps, web apps, and on-prem infrastructure. Those domains simply weren’t built to work together easily and securely.

• Conway’s Law tells us that systems tend to match the communication structure of their organization. And, through no fault of their own, many IT and security teams are quite siloed.

The circumstances are often ripe for IT and security to get bogged down with workarounds and tangled interdependencies.

Luckily, we’ve found a way forward.

Frequently, an important part of customer conversations is being able to read between the lines. When customers speak about loss of control, they seem to be quietly wishing for something they think doesn’t exist. What they want is a connective tissue for everything IT and security are responsible for — something that reduces complexity by working with everything in the environment, being available everywhere, and performing whatever security, networking, and development functions are needed.

Further research confirmed our suspicions. Surveys of IT and security leaders indicate that 72% would highly value a secure “any-to-any” cloud platform. And they said they would invest an average of 16% of their entire IT and security budget in such a platform.

That got us to thinking — what exactly would that sort of cloud platform look like? How would it accomplish everything it had to?

We’ve got answers to share: a connectivity cloud.

A connectivity cloud is a new approach for delivering the many services companies need to secure and connect their digital environment. It’s a unified, intelligent, platform of programmable cloud-native services that enable any-to-any connectivity between all networks (enterprise and Internet), cloud environments, applications and users. It includes a huge array of security, performance, and developer services — not with an eye to replace everything everywhere, but with the ability to fit in wherever needed and consolidate many critical services onto a single platform.

A connectivity cloud is built around four fundamental principles.

1. Deep integration — Organizations rely on the Internet to connect various elements of their digital environment with their workers, partners and customers. A connectivity cloud is integrated natively with the Internet and with enterprise networks, offering secure, low-latency, infinitely scalable connectivity between every user, application, and infrastructure. It’s as fast and straightforward as the Internet at its best, without the risk or uncertainty.

2. Programmability — Every enterprise digital environment has proprietary infrastructure, multiple clouds, unique compliance needs, and other highly specific tooling, processes, and configurations. A connectivity cloud’s architecture provides limitless interoperability and customizable networking, letting it adapt to those unique needs while still providing consistent user experiences and efficient management.

3. Platform intelligence — Organizations need a wide variety of services to connect and secure everything in their digital environment. But integrating everything is onerous, and trying to manage it all causes inefficiency and security gaps. A well-architected connectivity cloud has a wide range of services built in at a foundational level, and analyzes extremely high volumes and varieties of traffic in order to automatically update intelligence models.

4. Simplicity — Too many IT and security services means too many dashboards, leading to inefficiency, poor visibility, and alert fatigue. While 100% consolidation onto one platform isn’t the answer, a connectivity cloud greatly reduces tool sprawl and dashboard overload by managing much more of the IT environment from a single pane of glass.

With these qualities, the connectivity cloud lets you add new services to your digital environment without losing even more control — and also helps restore control to what you’ve already got.

We’ll admit we’re predisposed to find those four qualities particularly important. From our earliest days, we’ve built our services based on the principles of integration, programmability, platform intelligence, and simplicity. And now, our overall portfolio is comprehensive enough to help customers achieve these benefits when tackling a huge array of security and IT needs.

Because of this approach, we’re proud to say that Cloudflare is the world’s first connectivity cloud.

But don’t take our word for it. Here are a few examples of customers that have used Cloudflare to help resolve their own crises of control:

A connectivity cloud’s programmability, deep network integration, and built-in intelligence make it ideal for delivering secure access to corporate resources.

The electronics retailer Conrad Electronic told us, “Just keeping people online created a series of administrative bottlenecks.” Nearly half of their 2,300 employees need to access corporate applications remotely. Enabling that access was burdensome: they had to deploy and configure VPN clients for each user.

Conrad Electronic now uses Cloudflare’s connectivity cloud to provide secure remote access to hundreds of corporate applications. Their management burden is significantly lower, with their team telling us they now have much more time per month to devote to improving their web operations. What’s more, their security posture is stronger: “We can restrict specific individuals or secure sensitive areas with a mouse click. Not having to maintain 1,000 VPN profiles improves our security and saves us time and money.”

A connectivity cloud’s threat intelligence, network integration, and unified interface also make it excellent at closing securing gaps and enabling secure application delivery on a global scale.

The multinational retail and wholesaling company Carrefour has a thriving and rapidly growing ecommerce presence. However, when cyber attacks ramped up, simply growing their security stack didn’t help. As their security team told us, “The interlacing of multiple tools complicated coordination and control of the architecture…additionally, the lack of integration across tools made investigating and resolving security and performance issues a complex and time-consuming effort.”

As part of their broader security transformation, they adopted Cloudflare’s connectivity cloud to prevent web exploits, zero-day threats, and malicious bot attacks. Doing so allowed them to replace five security tools from different vendors. And since then, they’ve reduced their incident resolution time by 75%.

Finally, a connectivity cloud’s programmability and network integration help it power innovative development in almost any context.

The global design juggernaut Canva is one example. Previously, they used a variety of developer platforms to run custom code at the network edge. But they found those services too time-consuming to use, and ran into limitations that held their innovation back.

Cloudflare’s connectivity cloud has become “a critical part of our software” They use the connectivity cloud’s developer services to build and run custom code, optimize page delivery for SEO, and time-limit content access. Recently, they told us “Thanks to Cloudflare, we can focus on growing our product and expanding into new markets with confidence, knowing that our platform is fast, reliable, and secure.”

What’s more, their experience has led to them also adopting Cloudflare’s for secure access and application delivery — a hugely gratifying example of a connectivity cloud operating at full power.

Customers are the inspiration for our innovation, and our connectivity cloud vision is no exception. We live to make things easier, faster, more secure and more connected – and it’s amazing to see how the connectivity cloud helps reduce complexity and increase security.

You can learn more about the connectivity cloud here — but we hope that’s just the beginning. Reach out to all of us at Cloudflare to ask questions and make suggestions — I look forward to continuing the conversation discovering ways we can continue to help customers on their secure, connected journey.

We take a break from Platform Week to share big news – we’re going to New York this week for our Cloudflare Connect customer event.

We’re packing our bags, getting on planes and heading to New York to do our first live customer event since 2019 and we could not be more excited.  It is time with you – the people building, delivering and securing the apps and networks we know and trust – that are the inspiration for the innovation we deliver.  We can’t wait to spend time with you.

Our co-founder and CEO Matthew Prince will kick off the day with his view from the top.  We’ll then be breaking out into focused conversations to dig in on our latest product news and roadmaps.

Excited about what we’re talking about for Platform Week?  Come chat with the Workers team in person and hear more about the roadmap.

Intrigued by the latest DDoS stats we posted and want to learn more?  Meet with the team analyzing the attacks and learn about where we go from here.

Not sure where to start your Zero Trust journey?  We’ll talk you through what we’re seeing and introduce you to other customers who are in the process of rolling out Zero Trust solutions for their teams so you can learn from each other.

Don’t miss it!  Register now – use the code BetterInternet to join us in-person for free.  Not in New York?  No worries – we’re coming to London, Sydney and San Francisco later this year.

We are 11! And we also may be a little bleary-eyed and giddy from a week of shipping.

Our Birthday Weeks are one of my favorite Cloudflare traditions — where we release innovations that help to build a better Internet. Just this week we tackled email security, expanded our network into office buildings, and entered into the Web3 world.

But these weeks also precipitate the most common questions I’m asked from my product and engineering peers across the industry: how do we do it? How do we get so much stuff out so quickly? That we are able to innovate — and innovate so quickly — is no happy accident. In fact, this capability has been very deliberately built into the DNA of Cloudflare. I want to touch on three of the reasons unique to us: one relates to our people, one relates to our technology, and one relates to our customers.

The seeds of innovative ideas start with our team. One of the core things we look for when hiring in every role at Cloudflare — be it engineering and product or sales or account — is curiosity. We seek people who approach a situation with curiosity — who seek to understand the what, the how, and perhaps most importantly, the why of the world around them. Innovation at its core is finding new ways to solve existing problems, and this curiosity is jet fuel for innovation. It pushes us to challenge the status quo. It is through this inquiry that we identify assumptions and unnecessary points of friction.

We turn our curiosity towards the world in front of us, the problems that “bug” us about our workflows and the business of the Internet. This is as much about innovating with code as it is about upending business models that don’t make sense to us. It frustrated us that hackers used DDoS attacks to perpetrate financial terrorism by driving up the cost of their victim’s web hosting and delivery bills, so as part of Birthday week in 2017 we made our DDoS protection free and accessible to all. Interestingly, we also have seen a correlating drop in DDoS attacks against many types of sites since then. This year we turned our attention to the egregious egress fees charged by cloud providers and delivered R2, our object storage solution which offers the ability to store large amounts of data — both expanding what developers can build on Cloudflare while slashing the egress bandwidth fees associated with cloud provider storage to zero. We also continue to expand our at-cost registrar service to more TLDs.

There’s an important attribute that partners with curiosity, however. To innovate, we listen. One of the things I screen for when we hire product managers is their ability to listen and synthesize the information they are hearing and then their ability to distill it into actionable problems for us to tackle. We ship early and often with initial concepts. We must listen closely to the feedback from customers — both what they tell us through community forums, support tickets, and meetings and through what they show us in how they adopt and use a feature — and quickly fold this back into the roadmap and the next stage of development. Like some of what you saw this week? Watch our blog for updates and new features as we round out and mature the products.

We like to say Cloudflare was built on Cloudflare and for Cloudflare. This means we eat our own dog food with a glass of our own champagne on the side. We wanted a way to connect with our customers and the community, so we built ourselves a real-time streaming service and launched CloudflareTV. Over the past 18 months we ironed out the kinks and this week we made that available to all of you to stand up your own network. We care deeply not only about the capabilities we deliver but how they look and feel. This focus leads to big innovations, but also leads to smaller improvements in how our tools look and feel, like Dark Mode, which was a passion project of a few of our front-end developers and one of the most requested features of all time by our own team.

So that’s an example of what happens. But how were we able to do this?

It’s driven by our Workers platform. This isn’t just something that’s making our customers' lives easier. No containers to manage; no scaling to handle. We use it, too. It’s a layer of abstraction on top of our network that enables a massive amount of development velocity. Our unified architecture provides a single, scalable platform on which to innovate and allows us to roll things out in a matter of seconds across our entire network (and roll them back even more quickly if things don’t go to plan, which also sometimes happens). We’re constantly striving to make this network faster, safer, and more reliable. We’re constantly evolving our network to make it better. A couple of weeks ago we announced we’d expanded to 250 cities and are now within 50 milliseconds of 95% of the Internet-connected population. This week we expanded the footprint of our network into office buildings, getting even closer to end users.

This abstraction enables us to have smaller teams to build any new product or service. While others in the industry talk about building “pizza box” teams — teams small enough that they can all share a pizza together — many of our innovation efforts start with teams even smaller. At Cloudflare, it is not unusual for an initial product idea to start with a team small enough to split a pack of Twinkies and for the initial proof of concept to go from whiteboard to rolled out in days. We intentionally staff and structure our teams and our backlogs so that we have flexibility to pivot and innovate. Our Emerging Technology and Incubation team is a small group of product managers and engineers solely dedicated to exploring new products for new markets. Our Research team is dedicated to thinking deeply and partnering with organizations across the globe to define new standards and new ways to tackle some of the hardest challenges. These efforts drove our Web3 announcements and I could not be more excited to see where you all take them.

We ship software for businesses like a consumer software company. Traditional B2B software development typically follows longer development cycles and focuses on delivering more fully featured and deeply integrated offerings out of the gate. This cautious approach yields fewer more fully featured offerings shipped less frequently. Consumer software, on the other hand, is typically built in a highly iterative process — where teams develop initial concepts quickly and roll them out frequently in small pieces to subsets of users to test and understand how people use them and then use these observations to guide development. Many of the seeds that shaped the email security offerings this week started as small experiments by the DNS team, Emerging Technology, and our Customer Support team.

There’s one more aspect to all of this — because we’ve innovated in the way we’ve built our network — making it highly scalable and cost-effective — we’re able to pass these savings on to our customers. In a lot of instances, these savings amount to a pretty good price for our products and services: nothing at all.

Typically, in B2B enterprise software companies, the big customers and the multi-million dollar contracts get 99.99% of the focus. Here’s what I would say: our free customers are the secret sauce to our innovation. Today, millions of websites and applications  across the globe use our service for free. Free is invaluable to innovation.

One of the most difficult parts of building B2B software is getting the first 100 users. These early users are critical to assess the quality, scale, and capabilities of a product. But B2B folks are notoriously risk averse: their application or users are their lifeblood, and they aren’t necessarily willing to make them guinea pigs. They would rather sit on the sidelines and wait for someone else to go first. So when you are building B2B software, you are stuck in a conundrum — how do you get the users you need to prove out the capabilities?  We’re fortunate to have millions of free sites and applications on our network. Like a consumer app developer, we typically roll out new capabilities to pods of these users first. These users give us the volume and scale to get confident in what we’ve delivered. The more confident we get, the more broadly we roll out, such that by the time it hits broad rollout, our customers can feel confident in the quality and stability.

The large and diverse free customer base also helps fuel innovation. Through servicing a large and diverse base — from a personal blog in Bolivia to a small business in Chennai to a start-up in Munich — we observe unique traffic and threat patterns. We take these learning and fold the insights back into our product to dynamically route traffic across the fastest route and stop emerging threats before they scale.

The other thing I love about Birthday Week? It is the place critical innovations start that will ultimately transform the way we work. Universal SSL in 2014 made SSL free and available to all customers, doubling the number of active sites that use encryption within 24 hours of launch.   Seedling ideas, such as Workers, which we launched in 2017, have become the foundation of a whole new generation of applications.

I mentioned earlier that two of the most common questions I’m asked about Cloudflare relate to how we do it. Well, there’s often a third, and that too comes up quite a lot during Birthday Week. And that question is: “are you hiring?!” The answer is a resounding yes! We have opportunities across a variety of roles in Cloudflare: Legal, Product, Engineering, Sales, IT. Good ideas come from everywhere. I’d love nothing more than to engage your curiosity to help us build a better Internet.

Cloudflare has been recognized as a leader in the “Forrester Wave^TM: DDoS Mitigation Solutions, Q4 2017.”

The DDoS landscape continues to evolve. The increase in sophistication, frequency, and range of targets of DDoS attacks has placed greater demands on DDoS providers, many of which were evaluated in the report.

This year, Cloudflare received the highest scores possible in 15 criteria, including:

• Length of Implementation

• Layers 3 and 4 Attacks Mitigation

• DNS Attack Mitigation

• IoT Botnets

• Multi-Vector Attacks

• Filtering Deployment

• Secure Socket Layer Investigation

• Mitigation Capacity

• Pricing Model

We believe that Cloudflare’s position as a leader in the report stems from the following:

• An architecture designed to address high-volume attacks. This post written in October 2016 provides some insight into how Cloudflare’s architecture scales to meet the most advanced DDoS attacks differently than legacy scrubbing centers.

• In September 2017, due to the size and effectiveness of our network, we announced the elimination of “surge pricing” commonly found in other DDoS vendors by offering unmetered mitigation. Regardless of what Cloudflare plan a customer is on—Free, Pro, Business, or Enterprise—we will never terminate a customer or charge more based on the size of an attack.

• Because we protect over 7 million Internet properties, we have a unique view into the types of attacks launched across the Internet, especially harder-to-deflect Layer 7 application attacks. This allows us to reduce the amount of manual intervention and use automated mitigations to more quickly detect and block attacks.

• Our DDoS mitigation solution helps protect customers by integrating with not only a stack of other security features, such as SSL and WAF, but also with a full suite of performance features. With a highly scalable network of over 118 data centers, Cloudflare can both accelerate legitimate traffic and block malicious DDoS traffic.

This combination of scale, ease-of-use through automatic mitigations, and integration with performance solutions, continues to advance our mission to help build a better Internet.

At Cloudflare, our mission is to help build a better internet - one that is performant, secure and reliable for all. We do this through a combination of scale, ease-of use, and data-driven insights that enable us to deliver automatic mitigation. It is because of this focus and these types of innovation that we were able to offer unmetered DDoS mitigation at no additional cost to all of our customers this year. We are honored to be recognized as a leader in the Forrester Wave^TM: DDoS Mitigation Solutions, Q4 2017 report.

To check out the full report, download your complimentary copy here.