Securing infrastructure at scale with Cloudflare Access
July 19, 2019 2:00PM
I rarely have to deal with the hassle of using a corporate VPN and I hope it remains this way. As a new member of the Cloudflare team, that seems possible. Coworkers who joined a few years ago did not have that same luck. They had to use a VPN to get any work done. What changed?...
Continue reading »
A Tale of Two (APT) Transports
July 18, 2019 3:12PM
Securing access to your APT repositories is critical. At Cloudflare, like in most organizations, we used a legacy VPN to lock down who could reach our internal software repositories. However, a network perimeter model lacks a number of features that we consider critical to a team’s security....
Securing Certificate Issuance using Multipath Domain Control Validation
June 18, 2019 2:00PM
Trust on the Internet is underpinned by the Public Key Infrastructure (PKI). PKI grants servers the ability to securely serve websites by issuing digital certificates, providing the foundation for encrypted and authentic communication....
Welcome to Crypto Week 2019
June 16, 2019 6:07PM
The Internet is an extraordinarily complex and evolving ecosystem. Its constituent protocols range from the ancient and archaic (hello FTP) to the modern and sleek (meet WireGuard), with a fair bit of everything in between....
Monsters in the Middleboxes: Introducing Two New Tools for Detecting HTTPS Interception
March 18, 2019 5:47PM
The practice of HTTPS interception continues to be commonplace on the Internet. This blog post discusses types of monster-in-the-middle devices and software, and how to detect them....