MORE POSTS
December 22, 2020 12:00 PM
Beat - An Acoustics Inspired DDoS Attack
On the week of Black Friday, Cloudflare automatically detected and mitigated “Beat” - an acoustics inspired DDoS attacks that targeted a Magic Transit customer.
...
December 21, 2020 11:11 AM
Configure identity-based policies in Cloudflare Gateway
You can now build secure web gateway rules based on user and group identity....
December 16, 2020 5:00 PM
Trend data on the SolarWinds Orion compromise
Analyzing SUNBURST malware activity seen on Cloudflare’s public DNS resolver....
December 11, 2020 3:00 PM
Encrypting your WAF Payloads with Hybrid Public Key Encryption (HPKE)
Allowing logging for payloads that trigger the Web Application Firewall has always led to end-user privacy concerns. We built encrypted matched payload logging to solve this!...
December 10, 2020 4:14 PM
Announcing Workplace Records for Cloudflare for Teams
Workplace Records uses Access and Gateway logs to provide the state and country from which employees are working. Workplace Records can be used to help finance, legal, and HR departments determine where payroll taxes are due and provide a record to defend those decisions....
December 08, 2020 12:00 PM
OPAQUE: The Best Passwords Never Leave your Device
Imagine passwords for online services that never leave your device, encrypted or otherwise. OPAQUE is a new cryptographic protocol that makes this idea possible, giving you and only you full control of your password....
December 08, 2020 12:00 PM
Improving DNS Privacy with Oblivious DoH in 1.1.1.1
Oblivious DoH (ODoH) makes secure DNS over HTTPS (DoH) queries into private queries which prevent the leakage of client IP addresses to resolvers. The new proposed ODoH standard addresses this problem and today we are enabling users to use this protocol with 1.1.1.1...
November 17, 2020 12:00 PM
Anchoring Trust: A Hardware Secure Boot Story
As a security company, we pride ourselves on finding innovative ways to protect our platform to, in turn, protect the data of our customers. Part of this approach is implementing progressive methods in protecting our hardware at scale....
November 13, 2020 7:06 PM
SAD DNS Explained
Researchers from UC Riverside and Tsinghua University found a new way to revive a decade-old DNS cache poisoning attack. Read our deep dive into how the SAD DNS attack on DNS resolvers works, how we protect against this attack in 1.1.1.1, and what the future holds for DNS cache p...
November 13, 2020 12:00 PM
Automated Origin CA for Kubernetes
Today we're releasing origin-ca-issuer, an extension to cert-manager integrating with Cloudflare Origin CA to easily create and renew certificates for your account's domains....
November 10, 2020 2:49 PM
What is an Integrated Email Security solution? And is it right for your organization?
Gartner has named Area 1 Security as a Representative Vendor for IESS. We believe, Area 1 Security, as an IESS, provides the core functionalities of a SEG, but has the advantage of being very quick and easy to deploy, without requiring changes to the email flow at the gateway....
November 06, 2020 12:36 PM
The Internet is Getting Safer: Fall 2020 RPKI Update
The cap of two hundred thousand routing cryptographic records was recently passed. We thought it was time for an update on a major year for RPKI....
October 29, 2020 12:00 PM
Introducing Bot Analytics
Nearly 40% of Internet traffic is automated. Today, Cloudflare is taking its Bot Management product to new heights with the release of Bot Analytics....
October 22, 2020 2:08 PM
A Last Call for QUIC, a giant leap for the Internet
QUIC and HTTP/3 are open standards that have been under development in the IETF for almost exactly 4 years. On October 21, 2020, following two rounds of Working Group Last Call, draft 32 of the family of documents that describe QUIC and HTTP/3 were put into IETF Last Call....