Android enthusiasts, your time has come. If you own a phone or tablet running Android 14 or higher, you can now save and sign in to many Android apps using passkeys.

Today, we are happy to announce that Cloudflare customers can protect their APIs from broken authentication attacks by validating incoming JSON Web Tokens (JWTs) with API Gateway. Developers and their security teams need to control who can communicate with their APIs. Using API Gateway’s JWT Validation, Cloudflare customers can ensure that their Identity Provider previously validated the user sending the request, and that the user’s authentication tokens have not expired or been tampered with.

We understand that one of the significant hurdles faced by our customers, especially larger organizations, is obtaining a clear view of the deployment of Cloudflare services throughout their vast and complex infrastructures. The question isn't just whether Cloudflare is deployed, but whether it's fully optimized across every asset and service. Addressing this challenge head-on, we're rolling out a new feature set designed to provide better visibility and control over your security posture.

Cloudflare is committed to providing our customers with industry-leading network security solutions. At the same time, we recognize that establishing robust security measures involves identifying potential threats by using processes that may involve scrutinizing sensitive or personal data, which in turn can pose a risk to privacy. As a result, we work hard to balance privacy and security by building privacy-first security solutions that we offer to our customers and use for our own network.

An alternate point of view to the one you are hearing My first reaction when I heard the news of the merger between Veritas and Cohesity was one of jubilation. I've personally battled Cohesity and Veritas. I thought to myself, this is actually great news for all three companies.

Azure customers are facing the biggest threat to their privileged accounts. A cybersecurity firm has identified the spread of a new phishing campaign aimed at privileged users like sales directors, account managers, finance managers, vice presidents, presidents, chief financial officers, and CEOs. The campaign’s first set of attacks started around November 2023 and is still a looming threat. The good thing is that you can safeguard against and mitigate this attack.

When Benjamin Bachmann became the Vice President of Group Information Security at Ströer, two years ago, he encountered a significant challenge: the company lacked a comprehensive understanding of its external-facing assets. Ströer is a leading German media conglomerate with diverse operations spanning over 100 subsidiaries, each managing its own IT department, complicating the task of managing cybersecurity across such a diversified portfolio.

Every organization has to assign privileges to its user accounts. Good security practice requires each account to have only the privileges necessary for the role it’s assigned to. Ideally, that means only a few accounts have wide-ranging privileges capable of significantly changing the organization’s security configuration. These typically include systems administrators, database administrators, and service accounts. These accounts are especially vulnerable to security and compliance risks.

Elastic® introduces Elastic AI Assistant, the open, generative AI sidekick powered by ESRE to democratize cybersecurity and enable users of every skill level. The recently released Elasticsearch Relevance Engine™ (ESRE™) delivers new capabilities for creating highly relevant AI search applications. ESRE builds on more than two years of focused machine learning research and development made possible through Elastic’s leadership role in search use cases.

In today’s digital age, ransomware attacks have emerged as one of the most formidable threats to organizations worldwide. These malicious software attacks encrypt files on a device, rendering them inaccessible to users, and demand a ransom for decryption keys. The impact of ransomware can be devastating, leading to significant financial losses, operational downtime, and reputational damage.