Cloudflare Access - The Cloudflare Blog

Improved Access Control: Domain Scoped Roles are now generally available

September 19, 2022 2:15PM

Starting today, it is possible to scope your users’ access to specific domains with Domain Scoped Roles becoming generally available...

Joseph So

The mechanics of a sophisticated phishing scam and how we stopped it

August 09, 2022 4:56PM

Security Post Mortem Phishing Cloudflare Gateway Cloudflare Access

Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees...

How Cloudflare Security does Zero Trust

June 24, 2022 3:15PM

Cloudflare One Week Security Cloudflare Zero Trust Zero Trust Cloudflare Access

How Cloudflare’s security team implemented Zero Trust controls...

Verify Apple devices with no installed software

June 22, 2022 2:38PM

Cloudflare One Week Device Security Security Apple Cloudflare Access

Security teams that rely on Cloudflare Access can verify a user’s Apple device before they access a sensitive application — no additional software required...

Kenny Johnson

How to augment or replace your VPN with Cloudflare

June 22, 2022 2:27PM

Cloudflare One Week Zero Trust VPN ZTNA Cloudflare Access

Offloading key applications from your traditional VPN to a cloud-native ZTNA solution like Cloudflare Access is a great place to start with Zero Trust and provides an approachable, meaningful upgrade for your business...

Michael Keane

June 21, 2022 2:44PM

Infinitely extensible Access policies

Starting today, we’re excited that Access policies can consider anything before allowing a user access to an application. And by anything, we really do mean absolutely anything....

By

Kenny Johnson
, James Royal

Cloudflare One Week , Zero Trust , Cloudflare Access

March 17, 2022 12:59PM

Clientless Web Isolation is now generally available

Today, we’re excited to announce that Clientless Web Isolation is generally available...

By

Tim Obezuk

Security Week , Remote Browser Isolation , RBI , Clientless , CASB

December 08, 2021 1:59PM

Guest Blog: k8s tunnels with Kudelski Security

At Kudelski Security, we've been working on implementing our Zero Trust strategy for the last two years. In many aspects, it's been an incredible journey, and although we're not quite finished yet, we're excited by the progress made so far with Cloudflare....

By

Romain Aviolat (Guest Blogger)

CIO Week , Cloudflare Tunnel , Cloudflare Access , Zero Trust

December 08, 2021 1:59PM

Introducing Clientless Web Isolation

Safely browse risky and sensitive websites on any device without installing any software...

By

Tim Obezuk

CIO Week , Remote Browser Isolation , RBI , Clientless , Cloudflare Access

November 19, 2021 1:59PM

Build your next video application on Cloudflare

Today, we’re going to build a video application inspired by Cloudflare TV. We’ll have user authentication and the ability for administrators to upload recorded videos or livestream new content. Think about being able to build your own YouTube or Twitch using Cloudflare services!...

By

Jonathan Kuperman
, Adam Janiš

Full Stack Week , Cloudflare Workers , Cloudflare Pages , Cloudflare Access , Cloudflare Stream

November 17, 2021 1:58PM

Building a full stack application with Cloudflare Pages

Full-stack support for Cloudflare Pages is now in open beta, and you can test it today with this example image-sharing project that integrates with KV, Durable Objects, Cloudflare Images and Cloudflare Access....

By

Greg Brimble
, Obinna Ekwuno

Full Stack Week , Cloudflare Pages , Cloudflare Workers , Full Stack , Serverless Functions

October 08, 2021 11:29AM

Helping Apache Servers stay safe from zero-day path traversal attacks (CVE-2021-41773)

On September 29th 2021, the Apache Security team was alerted of a path traversal vulnerability being actively exploited (zero-day) against Apache HTTP Server version 2.4.49. Customers running the affected Apache version, should update to 2.5.51 as soon as possible....

By

Michael Tremante

WAF Rules , Security , Vulnerabilities , Cloudflare Access

October 04, 2021 1:58PM

Announcing Access Temporary Authentication

Starting today, you can add new policies in Cloudflare Access that grant temporary access to specific users based on approvals for a set of predefined administrators....

By

Kenny Johnson

Cloudflare Access , Zero Trust , Authentication

September 08, 2021 10:18AM

How Cloudflare helped mitigate the Atlassian Confluence OGNL vulnerability before the PoC was released

On August 25, 2021, Atlassian released a security advisory affecting their Confluence application. The Cloudflare WAF soon after started mitigating an increase in malicious traffic to vulnerable endpoints ensuring customers remained protected....

By

Michael Tremante

WAF Rules , Security , Vulnerabilities , Cloudflare Access