Cloudflare now uses post-quantum cryptography to talk to your origin server
September 29, 2023 1:00 PM
Starting today, you can secure the connection between Cloudflare and your origin server with post-quantum cryptography...
Detecting zero-days before zero-day
September 29, 2023 1:00 PM
In this blog post we talk about our approach and ongoing research into detecting novel web attack vectors in our WAF before they are seen by a security researcher....
Cloudflare is free of CAPTCHAs; Turnstile is free for everyone
September 29, 2023 1:00 PM
Now that we’ve eliminated CAPTCHAs at Cloudflare, we want to hasten the demise of CAPTCHAs across the internet. We’re thrilled to announce that Turnstile is generally available, and Turnstile’s ‘Managed’ mode is now completely free to everyone for unlimited use. ...
Cloudflare account permissions, how to use them, and best practices
September 25, 2023 1:00 PM
Cloudflare has a lot of new roles, how should we use them, and how can we stay safe...
Making Content Security Policies (CSPs) easy with Page Shield
September 15, 2023 1:00 PM
We just deployed a number of updates to our Client-Side Security Product: Page Shield. As of today we support all major CSP directives, better suggestions, better violation reporting, Page Shield specific user role permissions, and domain insights...
MORE POSTS
August 21, 2023 1:00 PM
An August reading list about online security and 2023 attacks landscape
Here is a reading list with 2023 trends, what you need to know about attacks, and a guide on how to stay protected using Cloudflare...
- By
August 09, 2023 1:00 PM
Introducing per hostname TLS settings — security fit to your needs
Starting today, customers that use Cloudflare’s Advanced Certificate Manager can configure TLS settings on individual hostnames within a domain...
- By
August 04, 2023 6:29 PM
Unmasking the top exploited vulnerabilities of 2022
The Cybersecurity and Infrastructure Security Agency (CISA) just released a report highlighting the most commonly exploited vulnerabilities of 2022. ...
- By
July 25, 2023 12:47 AM
How Cloudflare is staying ahead of the AMD vulnerability known as “Zenbleed”
The Google Information Security Team revealed a new flaw in AMD's Zen 2 processors in a blog post today. The 'Zenbleed' flaw affects the entire Zen 2 product stack, from AMD's EPYC data center processors to the Ryzen 3000 CPUs, and can be exploited to steal sensitive data process...
- By
July 11, 2023 1:00 PM
Bring your own CA for client certificate validation with API Shield
API shield customers can now upload their own CA to use for client certificate validation. This ensures that only authorized clients and devices can make requests to your API endpoint or application. ...
- By
June 08, 2023 2:00 PM
Cloudflare Area 1 earns SOC 2 report
Many customers want assurance that the sensitive information they send to us can be kept safe. One of the best ways to provide this assurance is a SOC 2 Type II report...
- By
June 06, 2023 1:00 PM
Examining HTTP/3 usage one year on
With the HTTP/3 RFC celebrating its 1st birthday, we examined HTTP version usage trends between May 2022 - May 2023. We found that HTTP/3 usage by browsers continued to grow, but that search engine and social media bots continued to effectively ignore the latest version of the we...
- By
May 18, 2023 1:00 PM
Announcing Cloudflare Secrets Store
Introducing Secrets Store by Cloudflare - the ultimate solution for managing your application secrets securely. Safeguard sensitive information, track access, and maintain ease of use....
- By
May 18, 2023 1:00 PM
How to secure Generative AI applications
Earn best practices for securing generative AI applications based on Cloudflare's experience protecting some of the largest AI applications in the world...
- By
April 25, 2023 1:07 PM
SLP: a new DDoS amplification vector in the wild
Researchers have recently published the discovery of a new DDoS reflection/amplification attack vector leveraging the SLP protocol. Cloudflare expects the prevalence of SLP-based DDoS attacks to rise in the coming weeks...
- By
April 21, 2023 1:00 PM
Why I joined Cloudflare as Chief Security Officer
As someone who is passionate about technology, security, and its potential to improve our lives, I knew that I wanted to work for a company that shared those values. ...
- By
April 20, 2023 1:44 PM
Secure by default: recommendations from the CISA’s newest guide, and how Cloudflare follows these principles to keep you secure
In this post we’ll review some of the authors’ recommendations, discuss how Cloudflare applies these principles to the products that we build, and provide some suggestions on what other organizations can do to support similar initiatives internally...
- By
March 30, 2023 10:46 AM
Helping protect personal information in the cloud, all across the world
Helping protect personal information in the cloud, all across the world...
- By
March 20, 2023 1:00 PM
Everything you might have missed during Security Week 2023
Learn how Cloudflare made it easier to shift from protecting applications, to protecting employees, and making sure they are protected everywhere during Security Week 2023...
- By