About the March 8 & 9, 2021 Verkada camera hack
March 10, 2021 8:43 PM
To be clear: this hack affected the cameras and nothing else. No customer data was accessed, no production systems, no databases, no encryption keys, nothing. ...
Control web applications with two-clicks in Cloudflare Gateway
March 09, 2021 12:00 PM
Announcing Application policies in Cloudflare Gateway. With Gateway, users instead connect to one of Cloudflare’s data centers in 200 cities around the world where our network can apply consistent security policies for all of their Internet traffic....
The Teams Dashboard: Finding a Product Voice
March 05, 2021 12:00 PM
Users love products whose voices they recognize. Here’s how we created a voice for the Teams Dashboard, and how we’re working to make our user’s experience more intentional and consistent....
Flow-based monitoring for Magic Transit
February 26, 2021 11:00 PM
Today, we’re announcing new functionality to improve the experience for on demand Magic Transit customers: flow-based monitoring. Flow-based monitoring allows us to detect and notify customers when they’re under attack so they can activate Magic Transit for protection....
Using HPKE to Encrypt Request Payloads
February 19, 2021 12:00 PM
Allowing users to securely log parts of the request that match firewall rules while making it impossible for anyone else to decrypt....
MORE POSTS
January 14, 2021 12:00 PM
Soar: Simulation for Observability, reliAbility, and secuRity
In this article, we will discuss one of the techniques we use to fight such software complexity: simulations. Simulations are basically system tests that run with synthesized customer traffic and applications....
- By
December 23, 2020 12:00 PM
Integrating Cloudflare Gateway and Access
We’re excited to announce that you can now set up your Access policies to require that all user traffic to your application is filtered by Cloudflare Gateway. This ensures that all of the traffic to your self-hosted and SaaS applications is secured and centrally logged....
- By
December 22, 2020 12:00 PM
Beat - An Acoustics Inspired DDoS Attack
On the week of Black Friday, Cloudflare automatically detected and mitigated “Beat” - an acoustics inspired DDoS attacks that targeted a Magic Transit customer. ...
- By
December 21, 2020 11:11 AM
Configure identity-based policies in Cloudflare Gateway
You can now build secure web gateway rules based on user and group identity....
- By
December 16, 2020 5:00 PM
Trend data on the SolarWinds Orion compromise
Analyzing SUNBURST malware activity seen on Cloudflare’s public DNS resolver....
- By
December 11, 2020 3:00 PM
Encrypting your WAF Payloads with Hybrid Public Key Encryption (HPKE)
Allowing logging for payloads that trigger the Web Application Firewall has always led to end-user privacy concerns. We built encrypted matched payload logging to solve this!...
- By
December 10, 2020 4:14 PM
Announcing Workplace Records for Cloudflare for Teams
Workplace Records uses Access and Gateway logs to provide the state and country from which employees are working. Workplace Records can be used to help finance, legal, and HR departments determine where payroll taxes are due and provide a record to defend those decisions....
- By
December 08, 2020 12:00 PM
OPAQUE: The Best Passwords Never Leave your Device
Imagine passwords for online services that never leave your device, encrypted or otherwise. OPAQUE is a new cryptographic protocol that makes this idea possible, giving you and only you full control of your password....
- By
December 08, 2020 12:00 PM
Improving DNS Privacy with Oblivious DoH in 1.1.1.1
Oblivious DoH (ODoH) makes secure DNS over HTTPS (DoH) queries into private queries which prevent the leakage of client IP addresses to resolvers. The new proposed ODoH standard addresses this problem and today we are enabling users to use this protocol with 1.1.1.1...
- By
November 17, 2020 12:00 PM
Anchoring Trust: A Hardware Secure Boot Story
As a security company, we pride ourselves on finding innovative ways to protect our platform to, in turn, protect the data of our customers. Part of this approach is implementing progressive methods in protecting our hardware at scale....
- By
November 13, 2020 7:06 PM
SAD DNS Explained
Researchers from UC Riverside and Tsinghua University found a new way to revive a decade-old DNS cache poisoning attack. Read our deep dive into how the SAD DNS attack on DNS resolvers works, how we protect against this attack in 1.1.1.1, and what the future holds for DNS cache p...
- By
November 13, 2020 12:00 PM
Automated Origin CA for Kubernetes
Today we're releasing origin-ca-issuer, an extension to cert-manager integrating with Cloudflare Origin CA to easily create and renew certificates for your account's domains....
- By
November 10, 2020 2:49 PM
What is an Integrated Email Security solution? And is it right for your organization?
Gartner has named Area 1 Security as a Representative Vendor for IESS. We believe, Area 1 Security, as an IESS, provides the core functionalities of a SEG, but has the advantage of being very quick and easy to deploy, without requiring changes to the email flow at the gateway....
- By
November 06, 2020 12:36 PM
The Internet is Getting Safer: Fall 2020 RPKI Update
The cap of two hundred thousand routing cryptographic records was recently passed. We thought it was time for an update on a major year for RPKI....
- By