WAF - The Cloudflare Blog

Announcing WAF Attack Score Lite and Security Analytics for business customers

March 15, 2023 1:00PM

We are making the machine learning empowered WAF and Security analytics view available to our Business plan customers, to help detect and stop attacks before they are known...

Radwa Radwan

The state of application security in 2023

March 14, 2023 1:00PM

Security Week Cloudflare Radar Security API WAF

One year ago we published our first Application Security Report. For Security Week 2023, we are providing updated insights and trends around mitigated traffic, bot and API traffic, and account takeover attacks....

How Cloudflare can help stop malware before it reaches your app

January 04, 2023 2:00PM

WAF Security Malware

Today, we’re making the job of application security teams easier, by providing a content scanning engine integrated with our Web Application Firewall (WAF), so that malicious files being uploaded by end users, never reach origin servers in the first place...

Michael Tremante

Stop attacks before they are known: making the Cloudflare WAF smarter

December 09, 2022 2:00PM

WAF WAF Attack Score Machine Learning

Today we are making the WAF smarter by increasing availability of our new machine learning powered enhancement, the WAF Attack Score!...

Radwa Radwan

Cloudflare named a Leader in WAF by Forrester

September 27, 2022 3:15PM

WAF Security API Security DDoS Bot Management

Forester has recognised Cloudflare as a Leader in The Forrester Wave™: Web Application Firewalls, Q3 2022 report. The report evaluated 12 Web Application Firewall (WAF) providers on 24 criteria across current offering, strategy and market presence....

Michael Tremante

September 19, 2022 2:30PM

Account WAF now available to Enterprise customers

Do you manage more than a single domain? If the answer is yes, now you can manage a single WAF configuration for all your enterprise domains...

By

Daniele Molteni

GA Week , General Availability , WAF , Rulesets , Enterprise

September 06, 2022 5:15PM

Cloudflare named a Leader by Gartner

Gartner has recognised Cloudflare as a Leader in the 2022 "Gartner® Magic Quadrant™ for Web Application and API Protection (WAAP)" report that evaluated 11 vendors for their ‘ability to execute’ and ‘completeness of vision’...

By

Michael Tremante

WAF , Security , API Security , DDoS , Bot Management

September 05, 2022 2:00PM

Improving the accuracy of our machine learning WAF using data augmentation and sampling

Data Generation and Augmentation methods to train an effective machine learning WAF...

By

Vikram Grover

WAF , Machine Learning , Edge Inference , Data Science

August 30, 2022 3:00PM

Introducing thresholds in Security Event Alerting: a z-score love story

Today we are excited to announce thresholds for our Security Event Alerts: a new and improved way of detecting anomalous spikes of security events on your Internet properties. By introducing a threshold, we are able to make alerts more accurate and only notify you when it truly matters...

By

Kristina Galicova

Notifications , Alerts , WAF , Product News , Security

July 07, 2022 1:57PM

New WAF intelligence feeds

Cloudflare is expanding our WAF’s threat intelligence capabilities by adding four new managed IP lists that can be used as part of any custom firewall rule...

By

Daniele Molteni
, Jesse Kipp

Product News , Firewall Rules , WAF , Custom Rules , Threat Intelligence

June 05, 2022 9:54PM

Cloudflare observations of Confluence zero day (CVE-2022-26134)

On 2022-06-02 at 20:00 UTC Atlassian released a Security Advisory relating to a remote code execution (RCE) vulnerability affecting Confluence Server and Confluence Data Center products. This post covers our current analysis of this vulnerability...

By

Vulnerabilities , WAF , Zero Day Threats

April 01, 2022 2:31PM

The end of the road for Cloudflare CAPTCHAs

We decided we’re going to stop using CAPTCHAs. Before we talk about how we did it, and how you can help, let's first start with a simple question. Why in the world is CAPTCHA still used anyway?...

By