Vulnerability disclosure on SSL for SaaS v1 (Managed CNAME)
2025-08-01
An upcoming vulnerability disclosure in Cloudflare’s SSL for SaaSv1 is detailed, explaining the steps we’ve taken towards deprecation....
Vulnerability transparency: strengthening security through responsible disclosure
2025-05-16
In line with CISA’s Secure By Design pledge, Cloudflare shares its vulnerability disclosure process, CVE issuance criteria, and CNA duties. ...
Demonstrating reduction of vulnerability classes: a key step in CISA’s “Secure by Design” pledge
2025-01-14
Cloudflare strengthens its commitment to cybersecurity by joining CISA's "Secure by Design" pledge. In line with this, we're reducing the prevalence of vulnerability classes across our products....
Advancing cybersecurity: Cloudflare implements a new bug bounty VIP program as part of CISA Pledge commitment
2024-09-27
Cloudflare strengthens its commitment to cybersecurity by joining CISA's "Secure by Design" pledge. In line with this commitment, we're enhancing our vulnerability disclosure policy by launching a VIP bug bounty program, giving top researchers early access to our products. Keep an eye out for future updates regarding Cloudflare's CISA pledge as we work together to shape a safer digital future....
