订阅以接收新文章的通知:

Security Week 2024 总结

2024-03-11

1 分钟阅读时间
这篇博文也有 EnglishFrançaisDeutsch日本語한국어Español繁體中文版本。
Security Week 2024 wrap up

未来 12 个月有可能重塑全球政治格局:80 多个国家将在 2024 年进行选举,同时人工智能等新技术将激发我们的想象力,并带来新的安全挑战。

在此背景下,CISO 的作用变得前所未有的重要。 Cloudflare 首席安全官 Grant Bourzikas 在 Security Week 开篇 博客文章中分享了他对当前安全行业面临的最大挑战的看法 。

在过去的一周里,我们宣布了一系列新产品和新功能,以应对我们认为全球 CISO 所面临的最关键挑战。我们发布的功能涉及 Cloudflare 的各种产品,从应用程序安全到员工和云基础设施安全。 我们还发布了一些故事,介绍我们如何使用 Cloudflare 服务的“零号客户”方法来管理 Cloudflare 自身安全。我们希望您对这些故事感兴趣,并对 Cloudflare 的新产品感到兴奋。如果您错过了其中任何一个公告,请查看如下 Security Week 总结:

应对 AI 带来的机遇和风险

.tg {border-collapse:collapse;border-color:#ccc;border-spacing:0;} .tg td{background-color:#fff;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;overflow:hidden;padding:10px 5px;word-break:normal;} .tg th{background-color:#f0f0f0;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;} .tg .tg-f50w{background-color:#F90;font-weight:bold;text-align:left;vertical-align:top} .tg .tg-zb5k{color:#15C;text-align:left;vertical-align:top} .tg .tg-zb5k a{border-bottom: 0} .tg .tg-0lax{text-align:left;vertical-align:top}

标题

Title Excerpt
Cloudflare announces Firewall for AI Cloudflare announced the development of Firewall for AI, a protection layer that can be deployed in front of Large Language Models (LLMs) to identify abuses and attacks.
Defensive AI: Cloudflare’s framework for defending against next-gen threats Defensive AI is the framework Cloudflare uses when integrating intelligent systems into its solutions. Cloudflare’s AI models look at customer traffic patterns, providing that organization with a tailored defense strategy unique to their environment.
Cloudflare launches AI Assistant for Security Analytics We released a natural language assistant as part of Security Analytics. Now it is easier than ever to get powerful insights about your applications by exploring log and security events using the new natural language query interface.
Dispelling the Generative AI fear: how Cloudflare secures inboxes against AI-enhanced phishing Generative AI is being used by malicious actors to make phishing attacks much more convincing. Learn how Cloudflare’s email security systems are able to see past the deception using advanced machine learning models.

摘录

Title Excerpt
Magic Cloud Networking simplifies security, connectivity, and management of public clouds Introducing Magic Cloud Networking, a new set of capabilities to visualize and automate cloud networks to give our customers easy, secure, and seamless connection to public cloud environments.
Secure your unprotected assets with Security Center: quick view for CISOs Security Center now includes new tools to address a common challenge: ensuring comprehensive deployment of Cloudflare products across your infrastructure. Gain precise insights into where and how to optimize your security posture.
Announcing two highly requested DLP enhancements: Optical Character Recognition (OCR) and Source Code Detections Cloudflare One now supports Optical Character Recognition and detects source code as part of its Data Loss Prevention service. These two features make it easier for organizations to protect their sensitive data and reduce the risks of breaches.
Introducing behavior-based user risk scoring in Cloudflare One We are introducing user risk scoring as part of Cloudflare One, a new set of capabilities to detect risk based on user behavior, so that you can improve security posture across your organization.
Eliminate VPN vulnerabilities with Cloudflare One The Cybersecurity & Infrastructure Security Agency issued an Emergency Directive due to the Ivanti Connect Secure and Policy Secure vulnerabilities. In this post, we discuss the threat actor tactics exploiting these vulnerabilities and how Cloudflare One can mitigate these risks.
Zero Trust WARP: tunneling with a MASQUE This blog discusses the introduction of MASQUE to Zero Trust WARP and how Cloudflare One customers will benefit from this modern protocol.
Collect all your cookies in one jar with Page Shield Cookie Monitor Protecting online privacy starts with knowing what cookies are used by your websites. Our client-side security solution, Page Shield, extends transparent monitoring to HTTP cookies.
Protocol detection with Cloudflare Gateway Cloudflare Secure Web Gateway now supports the detection, logging, and filtering of network protocols using packet payloads without the need for inspection.
Introducing Requests for Information (RFIs) and Priority Intelligence Requirements (PIRs) for threat intelligence teams Our Security Center now houses Requests for Information and Priority Intelligence Requirements. These features are available via API as well and Cloudforce One customers can start leveraging them today for enhanced security analysis.

Cloudflare 宣布推出 Firewall for AI

Title Excerpt
Log Explorer: monitor security events without third-party storage With the combined power of Security Analytics and Log Explorer, security teams can analyze, investigate, and monitor logs natively within Cloudflare, reducing time to resolution and overall cost of ownership by eliminating the need of third-party logging systems.
Simpler migration from Netskope and Zscaler to Cloudflare: introducing Deskope and a Descaler partner update Cloudflare expands the Descaler program to Authorized Service Delivery Partners (ASDPs). Cloudflare is also launching Deskope, a new set of tooling to help migrate existing Netskope customers to Cloudflare One.
Protecting APIs with JWT Validation Cloudflare customers can now protect their APIs from broken authentication attacks by validating incoming JSON Web Tokens with API Gateway.
Simplifying how enterprises connect to Cloudflare with Express Cloudflare Network Interconnect Express Cloudflare Network Interconnect makes it fast and easy to connect your network to Cloudflare. Customers can now order Express CNIs directly from the Cloudflare dashboard.
Cloudflare treats SASE anxiety for VeloCloud customers The turbulence in the SASE market is driving many customers to seek help. We’re doing our part to help VeloCloud customers who are caught in the crosshairs of shifting strategies.
Free network flow monitoring for all enterprise customers Announcing a free version of Cloudflare’s network flow monitoring product, Magic Network Monitoring. Now available to all Enterprise customers.
Building secure websites: a guide to Cloudflare Pages and Turnstile Plugin Learn how to use Cloudflare Pages and Turnstile to deploy your website quickly and easily while protecting it from bots, without compromising user experience.
General availability for WAF Content Scanning for file malware protection Announcing the General Availability of WAF Content Scanning, protecting your web applications and APIs from malware by scanning files in-transit.

Cloudflare 宣布开发 Firewall for AI,这是一个可部署在大型语言模型(LLM)前的保护层,用于识别滥用和攻击。

Title Excerpt
Cloudflare protects global democracy against threats from emerging technology during the 2024 voting season At Cloudflare, we’re actively supporting a range of players in the election space by providing security, performance, and reliability tools to help facilitate the democratic process.
Navigating the maze of Magecart: a cautionary tale of a Magecart impacted website Learn how a sophisticated Magecart attack was behind a campaign against e-commerce websites. This incident underscores the critical need for a strong client side security posture.
Cloudflare’s URL Scanner, new features, and the story of how we built it Discover the enhanced URL Scanner API, now integrated with the Security Center Investigate Portal. Enjoy unlisted scans, multi-device screenshots, and seamless integration with the Cloudflare ecosystem.
Changing the industry with CISA’s Secure by Design principles Security considerations should be an integral part of software’s design, not an afterthought. Explore how Cloudflare adheres to Cybersecurity & Infrastructure Security Agency’s Secure by Design principles to shift the industry.
The state of the post-quantum Internet Nearly two percent of all TLS 1.3 connections established with Cloudflare are secured with post-quantum cryptography. In this blog post we discuss where we are now in early 2024, what to expect for the coming years, and what you can do today.
Advanced DNS Protection: mitigating sophisticated DNS DDoS attacks Introducing the Advanced DNS Protection system, a robust defense mechanism designed to protect against the most sophisticated DNS-based DDoS attacks.

Defensive AI:Cloudflare 用于防御下一代威胁的框架

Title Excerpt
Linux kernel security tunables everyone should consider adopting This post illustrates some of the Linux kernel features that are helping Cloudflare keep its production systems more secure. We do a deep dive into how they work and why you should consider enabling them.
Securing Cloudflare with Cloudflare: a Zero Trust journey A deep dive into how we have deployed Zero Trust at Cloudflare while maintaining user privacy.
Network performance update: Security Week 2024 Cloudflare is the fastest provider for 95th percentile connection time in 44% of networks around the world. We dig into the data and talk about how we do it.
Harnessing chaos in Cloudflare offices This blog discusses the new sources of “chaos” that have been added to LavaRand and how you can make use of that harnessed chaos in your next application.
Launching email security insights on Cloudflare Radar The new Email Security section on Cloudflare Radar provides insights into the latest trends around threats found in malicious email, sources of spam and malicious email, and the adoption of technologies designed to prevent abuse of email.

Defensive AI 是 Cloudflare 将智能系统集成到其解决方案时使用的框架。 Cloudflare 的人工智能模型研究客户流量模式,为企业提供为其环境量身定制的防御策略。

Cloudflare 推出用于安全性分析的 AI 助理

我们发布了一个自然语言助手,作为 Security Analytics 的一部分。 现在,通过使用全新的自然语言查询界面探索日志和安全事件,获得有关应用程序的强大洞察比以往任何时候更加容易。

消除对生成式 AI 的恐惧:Cloudflare 如何保护收件箱以防御 AI 增强的网络钓鱼

恶意行为者利用生成式 AI 来进行更有说服力的网络钓鱼攻击。了解 Cloudflare 的电子邮件安全系统如何利用先进的机器学习模型来看穿欺骗。

在应用程序和云变化的同时维持可见性和管控

.tg {border-collapse:collapse;border-color:#ccc;border-spacing:0;} .tg td{background-color:#fff;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;overflow:hidden;padding:10px 5px;word-break:normal;} .tg th{background-color:#f0f0f0;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;} .tg .tg-f50w{background-color:#F90;font-weight:bold;text-align:left;vertical-align:top} .tg .tg-zb5k{color:#15C;text-align:left;text-decoration:underline;vertical-align:top} .tg .tg-zb5k a{border-bottom: 0} .tg .tg-0lax{text-align:left;vertical-align:top}

标题

摘录

Magic Cloud Networking 可简化安全、连接以及公共云管理

隆重推出 Magic Cloud Networking,一系列用于可视化和自动化云网络的全新功能,让客户能够安全、便捷、无缝地连接到公共云环境。

使用 Security Center 保护未受保护的资产:供 CISO 快速查看

安全中心现在包含全新工具以解决一个共同挑战:确保在您的基础设施中全面部署 Cloudflare 产品。 准确了解从何处以及以何种方式优化安全态势。

将推出两项备受期待的 DLP 增强功能:光学字符识别 (OCR) 和源代码检测

Cloudflare One 现在支持光学字符识别和源代码检测,作为其数据丢失防护 (DLP) 服务的功能。这两项功能使企业更容易保护其敏感数据,减少数据外泄风险。

Cloudflare One 中推出基于行为的用户风险评分

作为 Cloudflare One 的一部分,我们正在引入用户风险评分,这是一套根据用户行为检测风险的新功能,可帮助您改善整个组织的安全态势。

使用 Cloudflare One,消除 VPN 漏洞

由于 Ivanti Connect Secure 和 Policy Secure 漏洞,美国网络安全和基础设施安全局 (CISA) 近期发布了一项紧急指令。本文中,我们将讨论利用这些漏洞的威胁行为者策略,以及 Cloudflare One 如何降低这些风险。

Zero Trust WARP:隧道技术提供 Masque 支持

本篇博客文章将介绍 Zero Trust WARP 中推出的 MASQUE 支持,以及 Cloudflare One 客户如何从这个现代化的协议中受益。

使用 Page Shield Cookie Monitor,集中收集所有 Cookie

保护在线隐私,首先要了解网站使用哪些 cookie。我们的客户端安全解决方案 Page Shield 将透明监控扩展到 HTTP cookie。

使用 Cloudflare Gateway 进行协议检测

Cloudflare 安全 Web 网关现在支持使用数据包负载检测、记录和过滤网络协议,无需进行检查。

介绍面向威胁情报团队的信息请求 (RFI) 和优先级情报要求 (PIR)

我们的安全中心现已包含信息请求和优先级情报需求。这些功能也可通过 API 使用,Cloudforce One 客户现在可以开始利用它们进行增强型安全分析。

通过整合压低成本

.tg {border-collapse:collapse;border-color:#ccc;border-spacing:0;} .tg td{background-color:#fff;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;overflow:hidden;padding:10px 5px;word-break:normal;} .tg th{background-color:#f0f0f0;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;} .tg .tg-f50w{background-color:#F90;font-weight:bold;text-align:left;vertical-align:top} .tg .tg-zb5k{color:#15C;text-align:left;text-decoration:underline;vertical-align:top} .tg .tg-zb5k a{border-bottom: 0} .tg .tg-0lax{text-align:left;vertical-align:top}

标题

摘录

Log Explorer:在没有第三方存储的情况下监视安全事件

通过结合 Security Analytics 和 Log Explorer 两者的力量,安全团队可以在 Cloudflare 内原生进行日志分析、调查和监控,无需使用第三方日志系统,从缩短解决问题的时间,降低总体拥有成本。

简化从 Netskope 和 Zscaler 到 Cloudflare 的迁移:即将推出 Deskope 和升级版 Descaler 合作伙伴计划

Cloudflare 将 Descaler 计划扩展到授权服务交付合作伙伴 (ASDP)。 Cloudflare 也在推出 Deskope 全新工具集,以帮助现有 Netskope 客户迁移到 Cloudflare One 平台。

使用 JWT 验证,保护 API 安全

现在,Cloudflare 客户可以通过使用 API Gateway 验证传入的 JSON Web 令牌 (JWT),保护其 API 免受失效身份验证攻击。

简化企业通过 Express Cloudflare Network Interconnect 连接到 Cloudflare 的方式

Express Cloudflare Network Interconnect 让您可以快速、轻松地将网络连接到 Cloudflare。客户现在可以直接从 Cloudflare 仪表板订购 Express CNI。

Cloudflare 可缓解 VeloCloud 客户的 SASE 焦虑

SASE 市场的动荡促使大量客户纷纷寻求帮助。我们将尽己所能,为陷入战略转变十字路口的 VeloCloud 客户提供帮助。

面向所有企业客户的免费网络流量监测

宣布推出 Cloudflare 网络流监控产品 Magic Network Monitoring 的免费版本。 现已向所有 Enterprise 客户提供。

构建安全的网站:Cloudflare Pages 与 Turnstile 插件指南

了解如何使用 Cloudflare Pages 和 Turnstile,快速轻松地部署网站,同时保护网站免遭机器人攻击,且不影响用户体验。

WAF Content Scanning 正式发布,实现文件恶意软件防护

宣布 WAF Content Scanning 即将正式发布,通过扫描传输中的文件,保护 Web 应用程序和 API 免遭恶意软件攻击。

我们如何可以帮助互联网变得更好?

.tg {border-collapse:collapse;border-color:#ccc;border-spacing:0;} .tg td{background-color:#fff;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;overflow:hidden;padding:10px 5px;word-break:normal;} .tg th{background-color:#f0f0f0;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;} .tg .tg-f50w{background-color:#F90;font-weight:bold;text-align:left;vertical-align:top} .tg .tg-zb5k{color:#15C;text-align:left;text-decoration:underline;vertical-align:top} .tg .tg-zb5k a{border-bottom: 0} .tg .tg-0lax{text-align:left;vertical-align:top}

标题

摘录

在 2024 年“选举投票”期间,Cloudflare 保护全球民主国家免遭新兴技术的威胁

Cloudflare 正在积极通过提供安全可靠、性能卓越的工具来支持参与选举的候选人,帮助推动民主进程。

应对 Magecart 迷宫:Magecart 影响网站的警世故事

了解一场针对电子商务网站的复杂 Magecart 攻击如何开展。这一事件凸显了拥有强大的客户端安全态势非常必要。

Cloudflare 的 URL 扫描程序、新功能以及我们如何构建它的故事

发现增强版 URL 扫描器 API,现已与安全中心调查门户集成。享受未列出的扫描、多设备截图以及与 Cloudflare 生态系统的无缝集成。

利用 CISA 的 Secure by Design 原则进行行业变革

安全考量应当是软件设计过程中不可分割的一部分,而不应当是事后的想法。探索 Cloudflare 如何遵守 CISA 的 Secure by Design 原则来推动行业变革。

后量子互联网的现状

如今,近 2% 与 Cloudflare 建立的 TLS 1.3 连接采用后量子加密技术进行保护。这篇博客文章讨论了目前 2024 年初的现状,对未来几年可以期待什么,以及您今天可以做些什么。

Advanced DNS Protection:缓解日趋复杂的 DNS DDoS 攻击

隆重推出Advanced DNS Protection 系统,这是一个强大的防御机制,旨在防范最复杂的基于 DNS 的 DDoS 攻击。

分享 Cloudflare 的方式

.tg {border-collapse:collapse;border-color:#ccc;border-spacing:0;} .tg td{background-color:#fff;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;overflow:hidden;padding:10px 5px;word-break:normal;} .tg th{background-color:#f0f0f0;border-color:#ccc;border-style:solid;border-width:1px;color:#333; font-family:Arial, sans-serif;font-size:14px;font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;} .tg .tg-f50w{background-color:#F90;font-weight:bold;text-align:left;vertical-align:top} .tg .tg-zb5k{color:#15C;text-align:left;text-decoration:underline;vertical-align:top} .tg .tg-zb5k a{border-bottom: 0} .tg .tg-0lax{text-align:left;vertical-align:top}

标题

摘录

人人都应该考虑采用的 Linux 内核安全可调参数

本篇博客文章将阐述 Linux 内核的一些功能,这些功能正在帮助 Cloudflare 提高其生产系统的安全性。我们将深入探讨它们的工作原理以及为什么您应该考虑启用它们。

利用 Cloudflare 保护 Cloudflare:Zero Trust 之旅

深入了解如何在部署 Cloudflare Zero Trust 时维护用户隐私。

网络性能产品更新:Security Week 2024

在全球 44% 的网络中,Cloudflare 是 95 百分位数连接时间最快的提供商。 让我们深入研究数据并讨论我们是如何做到这一点的。

捕获 Cloudflare 办公室中的“混沌”

本文将介绍 LavaRand 中新增的“混沌”源,以及如何在您的下一个应用程序中利用这些捕获的混沌。

在 Cloudflare Radar 中推出电子邮件安全见解

Cloudflare Radar上新的电子邮件安全部分提供对以下方面的见解:在恶意电子邮件中发现的威胁、垃圾邮件和恶意电子邮件的来源以及旨在防止滥用电子邮件的技术的最新趋势。

结语

感谢您参加本周的活动, 我们将于四月初举行以开发人员社区为主题的创新周,欢迎关注。

我们保护整个企业网络,帮助客户高效构建互联网规模的应用程序,加速任何网站或互联网应用程序抵御 DDoS 攻击,防止黑客入侵,并能协助您实现 Zero Trust 的过程

从任何设备访问 1.1.1.1,以开始使用我们的免费应用程序,帮助您更快、更安全地访问互联网。要进一步了解我们帮助构建更美好互联网的使命,请从这里开始。如果您正在寻找新的职业方向,请查看我们的空缺职位
Security WeekZero TrustApplication SecurityEmail SecurityAI

在 X 上关注

Ankur Aggarwal|@Encore_Encore
Cloudflare|@cloudflare

相关帖子

2024年10月23日 13:00

Fearless SSH: short-lived certificates bring Zero Trust to infrastructure

Access for Infrastructure, BastionZero’s integration into Cloudflare One, will enable organizations to apply Zero Trust controls to their servers, databases, Kubernetes clusters, and more. Today we’re announcing short-lived SSH access as the first available feature of this integration. ...