Michael Tremante - The Cloudflare Blog

December 11, 2020 3:00PM

Encrypting your WAF Payloads with Hybrid Public Key Encryption (HPKE)

Privacy Week WAF WAF Rules Security Firewall

Allowing logging for payloads that trigger the Web Application Firewall has always led to end-user privacy concerns. We built encrypted matched payload logging to solve this!...

Michael Tremante

July 07, 2020 6:04PM

CVE-2020-5902: Helping to protect against the F5 TMUI RCE vulnerability

WAF Rules Security Vulnerabilities

Cloudflare has deployed a new managed rule protecting customers against a remote code execution vulnerability that has been found in F5 BIG-IP’s web-based Traffic Management User Interface (TMUI)....

November 29, 2018 6:45PM

Logs from the Edge

Reliability Cloudflare Workers Serverless Logs

With Cloudflare Workers, it is possible to send traffic logs to arbitrary locations. In this post we are going to discuss an example Worker implementation on how to achieve this. So if you are building or maintaining your own traffic logging/analytics environment, read on....

Michael Tremante

January 10, 2017 1:52PM

Token Authentication for Cached Private Content and APIs

API Security Privacy

While working to make the Internet a better place, we also want to make it easier for our customers to have control of their content and APIs, and who has access to them. Using Cloudflare’s Token Authentication features, customers can implement access control via URL tokens or HTTP request headers....

Michael Tremante