Michael Tremante - The Cloudflare Blog

October 08, 2021 11:29AM

Helping Apache Servers stay safe from zero-day path traversal attacks (CVE-2021-41773)

WAF Rules Security Vulnerabilities Cloudflare Access

On September 29th 2021, the Apache Security team was alerted of a path traversal vulnerability being actively exploited (zero-day) against Apache HTTP Server version 2.4.49. Customers running the affected Apache version, should update to 2.5.51 as soon as possible....

Michael Tremante

September 08, 2021 10:18AM

How Cloudflare helped mitigate the Atlassian Confluence OGNL vulnerability before the PoC was released

WAF Rules Security Vulnerabilities Cloudflare Access

On August 25, 2021, Atlassian released a security advisory affecting their Confluence application. The Cloudflare WAF soon after started mitigating an increase in malicious traffic to vulnerable endpoints ensuring customers remained protected....

Michael Tremante

July 01, 2021 6:53PM

Account Takeover Protection and WAF mitigations to help stop Global Brute Force Campaigns

WAF Rules Security Firewall Exposed Credentials Research

Today, we are making our Account Takeover Protection capabilities available to all paid plans at no additional charge....

Michael Tremante

June 15, 2021 3:42PM

Enable secure access to applications with Cloudflare WAF and Azure Active Directory

Partners Microsoft Azure Active Directory WAF

Cloudflare and Microsoft Azure Active Directory have partnered to provide an integration specifically for web applications using Azure Active Directory B2C...

March 30, 2021 4:30PM

Cloudflare’s WAF is recognized as customers’ choice for 2021

Security WAF Gartner

Cloudflare has been recognised as Gartner Peer Insights Customers’ Choice for WAF vendor in 2021 by Gartner....

Michael Tremante