polyfill.io now available on cdnjs: reduce your supply chain risk
02/29/2024
Polyfill.io is now available on cdnjs to reduce the risk of supply chain attacks. Replace your polyfill.io links today for a seamless experience...
02/29/2024
Polyfill.io is now available on cdnjs to reduce the risk of supply chain attacks. Replace your polyfill.io links today for a seamless experience...
09/29/2023
In this blog post we talk about our approach and ongoing research into detecting novel web attack vectors in our WAF before they are seen by a security researcher....
09/15/2023
We just deployed a number of updates to our Client-Side Security Product: Page Shield. As of today we support all major CSP directives, better suggestions, better violation reporting, Page Shield specific user role permissions, and domain insights...
08/21/2023
We are back with a quarterly update of our Application Security report. Read on to learn about new attack trends and insights visible from Cloudflare’s global network...
03/14/2023
One year ago we published our first Application Security Report. For Security Week 2023, we are providing updated insights and trends around mitigated traffic, bot and API traffic, and account takeover attacks....
03/13/2023
Starting today, using Page Shield, Cloudflare’s client side security solution, you can ensure only vetted and secure JavaScript is being executed by your user’s browsers. Stop unwanted JavaScript and keep your end user data safe with Page Shield policies....
01/04/2023
Today, we’re making the job of application security teams easier, by providing a content scanning engine integrated with our Web Application Firewall (WAF), so that malicious files being uploaded by end users, never reach origin servers in the first place...
10/21/2022
Starting today, Page Shield can now watch for malicious outbound connections made by third-party JavaScript code...
09/27/2022
Forester has recognised Cloudflare as a Leader in The Forrester Wave™: Web Application Firewalls, Q3 2022 report. The report evaluated 12 Web Application Firewall (WAF) providers on 24 criteria across current offering, strategy and market presence....
09/06/2022
Gartner has recognised Cloudflare as a Leader in the 2022 "Gartner® Magic Quadrant™ for Web Application and API Protection (WAAP)" report that evaluated 11 vendors for their ‘ability to execute’ and ‘completeness of vision’...
06/05/2022
On 2022-06-02 at 20:00 UTC Atlassian released a Security Advisory relating to a remote code execution (RCE) vulnerability affecting Confluence Server and Confluence Data Center products. This post covers our current analysis of this vulnerability...
03/31/2022
Cloudflare Managed Ruleset updates for the recent vulnerabilities affecting the Java Spring framework and related software components...
03/21/2022
In this post, we share some of the insights we’ve gathered from the 32 million HTTP requests/second that pass through our network...
03/18/2022
Being a single pane of glass for all network activity has always been one of Cloudflare’s goals. Today, we’re outlining the future vision for Cloudflare observability....
03/15/2022
We are excited to provide our new Cloudflare Web Application Firewall, with a Free Managed Ruleset to all Cloudflare users...
03/13/2022
Welcome to our first innovation week of the year: Security Week! In this post we will be going over Cloudflare’s security products’ history giving you an introduction to all the great announcements we have planned...
12/08/2021
To help identify and mitigate supply chain attacks in the context of web applications, today we are launching Page Shield in General Availability (GA)....
12/03/2021
Cloudflare can now send proactive notifications about any application security event spike, so you are warned whenever an attack might be targeting your application....
10/08/2021
On September 29th 2021, the Apache Security team was alerted of a path traversal vulnerability being actively exploited (zero-day) against Apache HTTP Server version 2.4.49. Customers running the affected Apache version, should update to 2.5.51 as soon as possible....
09/08/2021
On August 25, 2021, Atlassian released a security advisory affecting their Confluence application. The Cloudflare WAF soon after started mitigating an increase in malicious traffic to vulnerable endpoints ensuring customers remained protected....