October 02, 2024 1:00 PM
Over the past couple of weeks, Cloudflare's DDoS protection systems have automatically and successfully mitigated multiple hyper-volumetric L3/4 DDoS attacks exceeding 3 billion packets per second (Bpps). Our systems also automatically mitigated multiple attacks exceeding 3 terabits per second (Tbps), with the largest ones exceeding 3.65 Tbps. The scale of these attacks is unprecedented....
September 30, 2024 1:00 PM
Recapping all the big announcements made during 2024’s Birthday Week....
September 27, 2024 1:00 PM
Cloudflare strengthens its commitment to cybersecurity by joining CISA's "Secure by Design" pledge. In line with this commitment, we're enhancing our vulnerability disclosure policy by launching a VIP bug bounty program, giving top researchers early access to our products. Keep an eye out for future updates regarding Cloudflare's CISA pledge as we work together to shape a safer digital future....
September 27, 2024 1:00 PM
This year for Cloudflare’s birthday, we’ve extended our AI Assistant capabilities to help you build new WAF rules, added new AI bot & crawler traffic insights to Radar, and given customers new AI bot ...
September 24, 2024 1:00 PM
Cloudflare is now verifying WhatsApp’s Key Transparency audit proofs to ensure the security of end-to-end encrypted messaging conversations without having to manually check QR codes. We are publishing the results of the proof verification to https://dash.key-transparency.cloudflare.com for independent researchers and security experts to compare against WhatsApp’s. Cloudflare does not have access to underlying public key material or message metadata as part of this infrastructure....
September 24, 2024 1:00 PM
Cloudflare is extending the use of our public DNS resolver through partnering with ISPs and network providers to deliver a safer browsing experience directly to families. Join us in protecting every Internet user from unsafe content with the click of a button, powered by 1.1.1.1 ...
September 23, 2024 1:00 PM
As the Internet evolves, Turnstile does too. Introducing Ephemeral IDs — a new dimension in detecting fraudulent activity, bot or human, that links behavior to a specific client instead of an IP address. This makes Turnstile better for everyone, everywhere. ...
July 29, 2024 1:00 PM
Outages caused by certificate pinning is increasing. Learn why certificate pinning hasn’t kept up with modern standards and find alternatives to improve security while reducing management overhead...
June 24, 2024 5:06 PM
To help protect against account compromise via credential stuffing attacks, Cloudflare will notify dashboard users when we detect that a password was found in an external data breach...
May 30, 2024 12:12 PM
We’re excited to announce that BastionZero, a Zero Trust infrastructure access platform, has joined Cloudflare. This acquisition extends our Zero Trust Network Access (ZTNA) flows with native access management for infrastructure like servers, Kubernetes clusters, and databases...
April 12, 2024 1:00 PM
Let’s Encrypt’s cross-signed chain will be expiring in September. This will affect legacy devices with outdated trust stores (Android versions 7.1.1 or older). To prevent this change from impacting customers, Cloudflare will shift Let’s Encrypt certificates upon renewal to use a ...
April 02, 2024 5:00 PM
Along with CISA and the Joint Cyber Defense Collaborative, we are spotlighting threats to civil society, best practices for online protection, and new resources specifically for these vulnerable communities. Find out more about our latest initiatives....
March 26, 2024 1:00 PM
In this 2023-early 2024 email analysis, we examine how certain generic Top-Level Domains (TLDs) are primarily used for spam and phishing, and their evolution over a year. There are many trends in email threats to examine...
March 14, 2024 2:00 PM
Let’s Encrypt’s cross-signed chain will be expiring. To prepare for, Cloudflare will issue certs from Let’s Encrypt’s ISRG X1 chain. This change impacts legacy devices with outdated trust stores....
March 08, 2024 2:05 PM
With the combined power of Security Analytics + Log Explorer, security teams can analyze, investigate, and monitor for security attacks natively within Cloudflare, reducing time to resolution and overall cost of ownership for customers by eliminating the need to forward logs to t...
March 08, 2024 2:00 PM
Our Security Center now houses Requests for Information (RFIs) and Priority Intelligence Requirements (PIRs). These features are available via API as well and Cloudforce One customers can start leveraging them today for enhanced security analysis...
March 08, 2024 2:00 PM
Discover the enhanced URL Scanner API: Now with direct access from the Security Center Investigate Portal, enjoy unlisted scans, multi-device screenshots, and seamless integration within the Cloudflare ecosystem...
March 07, 2024 2:00 PM
Learn how to use Cloudflare Pages and Turnstile to deploy your website quickly and easily while protecting it from bots, without compromising user experience. Follow our tutorial here for a seamless integration...
March 06, 2024 2:00 PM
This post illustrates some of the Linux Kernel features, which are helping us to keep our production systems more secure. We will deep dive into how they work and why you may consider enabling them as well...
