Russian Internet users are unable to access the open Internet
2025-06-26
Since June 9, 2025, Internet users located in Russia and connecting to the open Internet have been throttled by Russian Internet Service Providers (ISPs)....
Making Application Security simple with a new unified dashboard experience
2025-03-20
We’re introducing a new Application Security experience in the Cloudflare dashboard, with a reworked UI organized by use cases, making it easier for customers to navigate and secure their accounts....
Cloudflare for AI: supporting AI adoption at scale with a security-first approach
2025-03-19
With Cloudflare for AI, developers, security teams and content creators can leverage Cloudflare’s network and portfolio of tools to secure, observe and make AI applications resilient and safe to use....
A safer Internet with Cloudflare: free threat intelligence, analytics, and new threat detections
2024-09-24
Birthday WeekSecurityCASBDLPData Loss PreventionThreat IntelligenceZero TrustCloudflare OnePage ShieldLeaked Credential ChecksSASE
Today, we are taking some big steps forward in our mission to help build a better Internet. Cloudflare is giving everyone free access to 10+ different website and network security products and features....
Application Security report: 2024 update
2024-07-11
Cloudflare’s updated 2024 view on Internet cyber security trends spanning global traffic insights, bot traffic insights, API traffic insights, and client-side risks...
Automatically replacing polyfill.io links with Cloudflare’s mirror for a safer Internet
2024-06-26
CDNJSJavaScriptVulnerabilitiesApplication SecurityApplication ServicesSupply Chain AttacksAttacksBetter Internet
polyfill.io, a popular JavaScript library service, can no longer be trusted and should be removed from websites...
polyfill.io now available on cdnjs: reduce your supply chain risk
2024-02-29
Polyfill.io is now available on cdnjs to reduce the risk of supply chain attacks. Replace your polyfill.io links today for a seamless experience...
Detecting zero-days before zero-day
2023-09-29
In this blog post we talk about our approach and ongoing research into detecting novel web attack vectors in our WAF before they are seen by a security researcher....
Making Content Security Policies (CSPs) easy with Page Shield
2023-09-15
We just deployed a number of updates to our Client-Side Security Product: Page Shield. As of today we support all major CSP directives, better suggestions, better violation reporting, Page Shield specific user role permissions, and domain insights...
The state of application security in 2023
2023-03-14
One year ago we published our first Application Security Report. For Security Week 2023, we are providing updated insights and trends around mitigated traffic, bot and API traffic, and account takeover attacks....
Locking down your JavaScript: positive blocking with Page Shield policies
2023-03-13
Starting today, using Page Shield, Cloudflare’s client side security solution, you can ensure only vetted and secure JavaScript is being executed by your user’s browsers. Stop unwanted JavaScript and keep your end user data safe with Page Shield policies....
How Cloudflare can help stop malware before it reaches your app
2023-01-04
Today, we’re making the job of application security teams easier, by providing a content scanning engine integrated with our Web Application Firewall (WAF), so that malicious files being uploaded by end users, never reach origin servers in the first place...
Page Shield can now watch for malicious outbound connections made by third-party JavaScript code
2022-10-21
Starting today, Page Shield can now watch for malicious outbound connections made by third-party JavaScript code...
Cloudflare named a Leader in WAF by Forrester
2022-09-27
Forester has recognised Cloudflare as a Leader in The Forrester Wave™: Web Application Firewalls, Q3 2022 report. The report evaluated 12 Web Application Firewall (WAF) providers on 24 criteria across current offering, strategy and market presence....
Cloudflare named a Leader by Gartner
2022-09-06
Gartner has recognised Cloudflare as a Leader in the 2022 "Gartner® Magic Quadrant™ for Web Application and API Protection (WAAP)" report that evaluated 11 vendors for their ‘ability to execute’ and ‘completeness of vision’...
Cloudflare observations of Confluence zero day (CVE-2022-26134)
2022-06-05
UTC Atlassian released a Security Advisory relating to a remote code execution (RCE) vulnerability affecting Confluence Server and Confluence Data Center products....
WAF mitigations for Spring4Shell
2022-03-31
Cloudflare Managed Ruleset updates for the recent vulnerabilities affecting the Java Spring framework and related software components...
Application security: Cloudflare’s view
2022-03-21
In this post, we share some of the insights we’ve gathered from the 32 million HTTP requests/second that pass through our network...
Cloudflare Observability
2022-03-18
Being a single pane of glass for all network activity has always been one of Cloudflare’s goals. Today, we’re outlining the future vision for Cloudflare observability....
