Cloudflare Blog: Security

2022 US midterm elections attack analysis

November 11, 2022 6:14PM

For Athenian Project and Cloudflare for Campaigns participant websites, overall traffic volume ramped as Election Day approached...

David Belson

Cloudflare is not affected by the OpenSSL vulnerabilities CVE-2022-3602 and CVE-2022-3786

November 02, 2022 9:31AM

Security Vulnerabilities

Information on CVE-2022-3602 and CVE-2022-3786, and why Cloudflare was not impacted...

Page Shield can now watch for malicious outbound connections made by third-party JavaScript code

October 21, 2022 2:53PM

Page Shield Security

Starting today, Page Shield can now watch for malicious outbound connections made by third-party JavaScript code...

Michael Tremante

Total TLS: one-click TLS for every hostname you have

October 06, 2022 7:00PM

SSL TLS Security Advanced Certificate Manager

Today, we’re excited to announce Total TLS — a one-click feature that will issue individual TLS certificates for every subdomain in our customer’s domains...

Dina Kozlov

Join our upcoming live roadshow series: ‘Zero Trust, Zero Nonsense’

October 05, 2022 8:00PM

Cloudflare Zero Trust Events Security

Starting in a couple of weeks, and continuing through the end of the year, we’re hosting a series of Zero Trust Roadshows in various North American cities...

Selam Negatu

October 03, 2022 2:01PM

Defending against future threats: Cloudflare goes post-quantum

The future of a private and secure Internet is at stake; that is why today we have enabled post-quantum cryptography support for all our customers...

By

Bas Westerbaan
, Cefan Daniel Rubin

Birthday Week , Post-Quantum , Research , Cryptography , Security

October 03, 2022 2:00PM

Automatic (secure) transmission: taking the pain out of origin connection security

Today we’re excited to announce that we will soon be offering a zero-configuration option for security on Cloudflare. If we find that we can automatically upgrade the security connection between Cloudflare and a user’s origin, we will...

By

Birthday Week , Product News , Research , CDN , Universal SSL

September 29, 2022 2:01PM

The (hardware) key to making phishing defense seamless with Cloudflare Zero Trust and Yubico

Announcing a new collaboration with Yubico, to remove any barriers for organizations of any size to deploying hardware security keys....

By

David Harnett

Birthday Week , Zero Trust , Cloudflare One , Security , Product News

September 29, 2022 2:00PM

How Cloudflare implemented hardware keys with FIDO2 and Zero Trust to prevent phishing

Adopting a phishing resistant second factor, like a YubiKey with FIDO2, is the number one way to prevent phishing attacks. Cloudflare has used phishing resistant second factors only since February 2021, and these were the steps we took to accomplish that....

By

Evan Johnson
, Derek Pitts

Birthday Week , Security , Zero Trust , FIDO , Cloudflare Zero Trust

September 29, 2022 2:00PM

Back in 2017 we gave you Unmetered DDoS Mitigation, here's a birthday gift: Unmetered Rate Limiting

Starting today, Free, Pro and Business plans include Rate Limiting rules without additional charges....

By

Daniele Molteni

Birthday Week , Rate Limiting , DDoS , Pro , Business

September 29, 2022 2:00PM

Now all customers can share access to their Cloudflare account with Role Based Access Controls

Role Based Access Controls are now available for every plan!...

By

Joseph So

Birthday Week , RBAC , Dashboard , Product News , Security

September 28, 2022 2:01PM

Announcing Turnstile, a user-friendly, privacy-preserving alternative to CAPTCHA

Any website can use a simple API to replace CAPTCHAs with our invisible alternative, whether they’re on the Cloudflare network or not....

By

Birthday Week , Product News , Turnstile , CAPTCHA , Security

September 28, 2022 2:00PM

Private by design: building privacy-preserving products with Cloudflare's Privacy Edge

Introducing Privacy Edge – a collection of products that make it easier for site owners and developers to protect their users’ privacy by default....

By

Mari Galicer
, Matt Silverlock

Birthday Week , Privacy , Security

September 27, 2022 3:15PM

Cloudflare named a Leader in WAF by Forrester

Forester has recognised Cloudflare as a Leader in The Forrester Wave™: Web Application Firewalls, Q3 2022 report. The report evaluated 12 Web Application Firewall (WAF) providers on 24 criteria across current offering, strategy and market presence....

By

Michael Tremante

WAF , Security , API Security , DDoS , Bot Management