Log every request to corporate apps, no code changes required
November 17, 2019 2:00 PM
Cloudflare Access can give your team the ability to introduce logging in a single gateway that applies to all resources protected behind it....
Going Keyless Everywhere
November 01, 2019 1:01 PM
Time flies. The Heartbleed vulnerability was discovered just over five and a half years ago. Heartbleed became a household name not only because it was one of the first bugs with its own web page and logo, but because of what it revealed about the fragility of the Internet as a whole....
Delegated Credentials for TLS
November 01, 2019 1:00 PM
Announcing support for a new cryptographic protocol making it possible to deploy encrypted services while still maintaining performance and control of private keys: Delegated Credentials for TLS. ...
Announcing cfnts: Cloudflare's implementation of NTS in Rust
October 31, 2019 1:00 PM
Several months ago we announced that we were providing a new public time service. Part of what we were providing was the first major deployment of the new Network Time Security protocol, with a newly written implementation of NTS in Rust. ...
The TLS Post-Quantum Experiment
October 30, 2019 1:00 PM
In a June 2019 experiment with Google, we implemented two post-quantum key exchanges, integrated them into our TLS stack and deployed the implementation on edge servers and in Chrome Canary clients....
MORE POSTS
October 28, 2019 1:00 PM
Supporting the latest version of the Privacy Pass Protocol
At Cloudflare, we are committed to supporting and developing new privacy-preserving technologies that benefit all Internet users. In November 2017, we announced server-side support for the Privacy Pass protocol, a piece of work developed in collaboration with the academic communi...
- By
October 27, 2019 11:00 PM
Tales from the Crypt(o team)
Halloween season is upon us. This week we’re sharing a series of blog posts about work being done at Cloudflare involving cryptography, one of the spookiest technologies around....
- By
October 25, 2019 1:00 PM
Public keys are not enough for SSH security
If your organization uses SSH public keys, it’s entirely possible you have already lost one. There is a file sitting in a backup or on a former employees computer which grants the holder access to your infrastructure....
- By
September 28, 2019 10:54 PM
Cloudflare’s protection against a new Remote Code Execution vulnerability (CVE-2019-16759) in vBulletin
Cloudflare has released a new rule as part of its Cloudflare Specials Rulesets, to protect our customers against a high-severity vulnerability in vBulletin. A new zero-day vulnerability was discovered for vBulletin, a proprietary Internet forum software. ...
- By
September 27, 2019 7:00 PM
Birthday Week 2019 Wrap-up
This week we celebrated Cloudflare’s 9th birthday by launching a variety of new offerings that support our mission: to help build a better Internet. Below is a summary recap of how we celebrated Birthday Week 2019....
- By
September 26, 2019 1:00 PM
HTTP/3: the past, the present, and the future
We are now happy to announce that QUIC and HTTP/3 support is available on the Cloudflare edge network. We’re excited to be joined in this announcement by Google Chrome and Mozilla Firefox, two of the leading browser vendors and partners in our effort to make the web faster and mo...
- By
September 23, 2019 1:00 PM
Cleaning up bad bots (and the climate)
From the very beginning Cloudflare has been stopping bots from scraping websites, or misusing APIs. Over time we’ve improved our bot detection methods and deployed large machine learning models that are able to distinguish real traffic (be it from humans or apps) from misbehaving...
- By
September 18, 2019 2:03 PM
Cloudflare’s Approach to Research
Cloudflare’s mission is to help build a better Internet. One of the tools used in pursuit of this goal is computer science research. We’ve learned that some of the difficult problems to solve are best approached through research...
- By
September 13, 2019 11:00 PM
How Cloudflare and Wall Street Are Helping Encrypt the Internet Today
Today has been a big day for Cloudflare, as we became a public company on the New York Stock Exchange (NYSE: NET). To mark the occasion, we decided to bring our favorite entropy machines to the floor of the NYSE....
- By
September 11, 2019 4:00 PM
How Castle is Building Codeless Customer Account Protection
Strong security should be easy. Asking your consumers again and again to take responsibility for their security through robust passwords and other security measures doesn’t work. The responsibility of security needs to shift from end users to the companies who serve them. ...
- By
August 30, 2019 1:00 PM
Announcing the General Availability of API Tokens
Today we are announcing the general availability of API Tokens - a scalable and more secure way to interact with the Cloudflare API. As part of making a better internet, Cloudflare strives to simplify manageability of a customer’s presence at the edge. ...
- By
August 22, 2019 1:00 PM
Supercharging Firewall Events for Self-Serve
Today, I’m very pleased to announce the release of a completely overhauled version of our Firewall Event log to our Free, Pro and Business customers. This new Firewall Events log is now available in your Dashboard, and you are not required to do anything to receive this new capab...
- By
August 08, 2019 10:00 PM
Introducing Certificate Transparency Monitoring
With CT Monitoring, we’ll send you an email whenever a certificate is issued for one of your domains. ...
- By
July 19, 2019 1:00 PM
Securing infrastructure at scale with Cloudflare Access
I rarely have to deal with the hassle of using a corporate VPN and I hope it remains this way. As a new member of the Cloudflare team, that seems possible. Coworkers who joined a few years ago did not have that same luck. They had to use a VPN to get any work done. What changed?...
- By