From legacy architecture to Cloudflare One
2026-03-16
Learn how Cloudflare and CDW de-risk SASE migrations with a blueprint that treats legacy debt as an application modernization project....
Continue reading »
Announcing Cloudflare Account Abuse Protection: prevent fraudulent attacks from bots and humans
2026-03-12
Blocking bots isn’t enough anymore. Cloudflare’s new fraud prevention capabilities — now available in Early Access — help stop account abuse before it starts....
Slashing agent token costs by 98% with RFC 9457-compliant error responses
2026-03-11
Cloudflare now returns RFC 9457-compliant structured Markdown and JSON error payloads to AI agents, replacing heavyweight HTML pages with machine-readable instructions. This reduces token usage by over 98%, turning brittle parsing into efficient control flow....
AI Security for Apps is now generally available
2026-03-11
Cloudflare AI Security for Apps is now generally available, providing a security layer to discover and protect AI-powered applications, regardless of the model or hosting provider. We are also making AI discovery free for all plans, to help teams find and secure shadow AI deployments....
Investigating multi-vector attacks in Log Explorer
2026-03-10
Log Explorer customers can now identify and investigate multi-vector attacks. Log Explorer supports 14 additional Cloudflare datasets, enabling users to have a 360-degree view of their network....
Building a security overview dashboard for actionable insights
2026-03-10
Cloudflare's new Security Overview dashboard transforms overwhelming security data into prioritized, actionable insights, empowering defenders with contextual intelligence on vulnerabilities. ...
Translating risk insights into actionable protection: leveling up security posture with Cloudflare and Mastercard
2026-03-10
Cloudflare will be integrating Mastercard’s RiskRecon attack surface intelligence capabilities to help you eliminate Internet-facing blind spots while continuously monitoring and closing security gaps....
Fixing request smuggling vulnerabilities in Pingora OSS deployments
2026-03-09
Today we’re disclosing request smuggling vulnerabilities when our open source Pingora service is deployed as an ingress proxy and how we’ve fixed them in Pingora 0.8.0. ...
Active defense: introducing a stateful vulnerability scanner for APIs
2026-03-09
Cloudflare’s new Web and API Vulnerability Scanner helps teams proactively find logic flaws. By using AI to build API call graphs, we identify vulnerabilities that standard defensive tools miss....
Complexity is a choice. SASE migrations shouldn’t take years.
2026-03-09
Discover how Cloudflare partners TachTech and Adapture are shattering the 18-month migration myth, deploying agile SASE for global enterprises in weeks by treating security as software....
From the endpoint to the prompt: a unified data security vision in Cloudflare One
2026-03-06
Cloudflare One unifies data security from endpoint to prompt: RDP clipboard controls, operation-mapped logs, on-device DLP, and Microsoft 365 Copilot scanning via API CASB....
Ending the "silent drop": how Dynamic Path MTU Discovery makes the Cloudflare One Client more resilient
2026-03-05
The Cloudflare One Client now features the ability to actively probe and adjust packet sizes. This update eliminates the problems caused by tunnel layering and MTU differences, providing more stability and resiliency. ...
How Automatic Return Routing solves IP overlap
2026-03-05
Automatic Return Routing (ARR) solves the common enterprise challenge of overlapping private IP addresses by using stateful flow tracking instead of traditional routing tables. This userspace-driven approach ensures return traffic reaches the correct origin tunnel without manual NAT or VRF configuration....
A QUICker SASE client: re-building Proxy Mode
2026-03-05
By transitioning the Cloudflare One Client to use QUIC streams for Proxy Mode, we eliminated the overhead of user-space TCP stacks, resulting in a 2x increase in throughput and significant latency reduction for end users. ...
Always-on detections: eliminating the WAF “log versus block” trade-off
2026-03-04
Cloudflare is introducing Attack Signature Detection and Full-Transaction Detection to provide continuous, high-fidelity security insights without the manual tuning of traditional WAFs. By correlating request payloads with server responses, we can now identify successful exploits and data exfiltration while minimizing false positives....
Mind the gap: new tools for continuous enforcement from boot to login
2026-03-04
Cloudflare’s mandatory authentication and independent MFA protect organizations by ensuring continuous enforcement, from the moment a machine boots until sensitive resources are accessed....
Defeating the deepfake: stopping laptop farms and insider threats
2026-03-04
Cloudflare One is partnering with Nametag to combat laptop farms and AI-enhanced identity fraud by requiring identity verification during employee onboarding and via continuous authentication....
Moving from license plates to badges: the Gateway Authorization Proxy
2026-03-04
Cloudflare’s Gateway Authorization Proxy adds support for identity-aware policies for clientless devices, securing virtual desktops, and guest networks without a device client....
Stop reacting to breaches and start preventing them with User Risk Scoring
2026-03-04
Cloudflare One now incorporates dynamic User Risk Scores into Access policies to enable automated, adaptive security responses. This update allows teams to move beyond binary "allow/deny" rules by evaluating continuous behavior signals from both internal and third-party sources....
Introducing the 2026 Cloudflare Threat Report
2026-03-03
There has been a fundamental shift toward industrialized cyber threats, highlighted by a record 31.4 Tbps DDoS attack and sophisticated session token theft. Our new report examines how nation-states and criminal actors have moved beyond traditional exploits to "living off the XaaS" within legitimate enterprise logic....
