2026-03-11
Cloudflare now returns RFC 9457-compliant structured Markdown and JSON error payloads to AI agents, replacing heavyweight HTML pages with machine-readable instructions. This reduces token usage by over 98%, turning brittle parsing into efficient control flow....
Continue reading »
2026-03-11
Cloudflare AI Security for Apps is now generally available, providing a security layer to discover and protect AI-powered applications, regardless of the model or hosting provider. We are also making AI discovery free for all plans, to help teams find and secure shadow AI deployments....
2026-03-04
Cloudflare is introducing Attack Signature Detection and Full-Transaction Detection to provide continuous, high-fidelity security insights without the manual tuning of traditional WAFs. By correlating request payloads with server responses, we can now identify successful exploits and data exfiltration while minimizing false positives....
2026-02-27
We serve 7.6 billion challenges daily. Here’s how we used research, AAA accessibility standards, and a unified architecture to redesign the Internet’s most-seen user interface....
2026-01-19
A vulnerability was recently identified in Cloudflare’s automation of certificate validation. Here we explain the vulnerability and outline the steps we’ve taken to mitigate it. ...
December 03, 2025 2:20 PM
Cloudflare offers protection against a new high profile vulnerability for React Server Components: CVE-2025-55182. All WAF customers are automatically protected as long as the WAF is deployed....
November 24, 2025 2:00 PM
The WAF provides ways for our customers to gain insight into why it takes certain actions. The more granular and precise the insight, the more reproducible and understandable it is. Revamped payload logging is one such method. ...
October 29, 2025 1:00 PM
IPv4 scarcity drives widespread use of Carrier-Grade Network Address Translation, a practice in ISPs and mobile networks that places many users behind each IP address, along with their collected activity and volumes of traffic. We introduce the method we’ve developed to detect la...
August 26, 2025 2:00 PM
Cloudflare's AI security suite now includes unsafe content moderation, integrated into the Application Security Suite via Firewall for AI. ...
July 22, 2025 4:30 PM
Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers....
March 20, 2025 2:00 PM
Forrester Research has recognized Cloudflare as a Leader in its The Forrester Wave™: Web Application Firewall Solutions, Q1 2025 report....
March 20, 2025 1:10 PM
Cloudflare’s first AI agent, Cloudy, helps make complicated configurations easy to understand for Cloudflare administrators....
March 20, 2025 1:00 PM
We’re introducing a new Application Security experience in the Cloudflare dashboard, with a reworked UI organized by use cases, making it easier for customers to navigate and secure their accounts....
February 07, 2025 8:13 PM
Cloudflare patched a Mutual TLS (mTLS) vulnerability (CVE-2025-23419) reported via its Bug Bounty Program. The flaw in session resumption allowed client certificates to authenticate across different...
August 12, 2024 2:00 PM
Explore how Cloudflare's JA4 fingerprinting and inter-request signals provide robust and scalable insights for advanced web security and threat detection. ...
July 25, 2024 1:00 PM
In this post, we discuss performance optimizations we've implemented for our WAF ML product. We'll guide you through code examples, benchmarks, and we'll share the impressive latency reduction numbers...
July 11, 2024 5:00 PM
Cloudflare’s updated 2024 view on Internet cyber security trends spanning global traffic insights, bot traffic insights, API traffic insights, and client-side risks...
March 07, 2024 2:00 PM
Announcing the General Availability of WAF Content Scanning, protecting your web applications and APIs from malware by scanning files in-transit...
March 04, 2024 2:02 PM
Cloudflare is one of the first providers to safeguard LLM models and users in the era of AI...
March 04, 2024 2:00 PM
Introducing AI Assistant for Security Analytics. Now it is easier than ever to get powerful insights about your web security. Use the new integrated natural language query interface to explore Security Analytics...
