Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cloudflare

Introducing Programmable Flow Protection: custom DDoS mitigation logic for Magic Transit customers

Mar 31, 2026 By Anita Tenjarla In Cloudflare
We're proud to introduce Programmable Flow Protection: a system designed to let Magic Transit customers implement their own custom DDoS mitigation logic and deploy it across Cloudflare’s global network. This enables precise, stateful mitigation for custom and proprietary protocols built on UDP. It is engineered to provide the highest possible level of customization and flexibility to mitigate DDoS attacks of any scale.
Read Post

Kimi Found 40+ Security Issues in Our Code. Open Source AI Is Here | Michelle Chen

Mar 31, 2026 By Cloudflare In Cloudflare
In this episode of This Week in NET, host João Tomé is joined by Michelle Chen from Cloudflare’s AI product team to discuss the rise of open models, the launch of Kimi 2.5 on Workers AI, and why enterprises are rethinking the cost of proprietary AI.
View Video
cloudflare

Cloudflare Client-Side Security: smarter detection, now open to everyone

Mar 30, 2026 By Zhiyuan Zheng In Cloudflare
Client-side skimming attacks have a boring superpower: they can steal data without breaking anything. The page still loads. Checkout still completes. All it needs is just one malicious script tag. If that sounds abstract, here are two recent examples of such skimming attacks: To further our goal of building a better Internet, Cloudflare established a core tenet during our Birthday Week 2025: powerful security features should be accessible without requiring a sales engagement.
Read Post

AI Agents Now Rank With the Top 3 Hacking Teams: Chema Alonso

Mar 27, 2026 By Cloudflare In Cloudflare
In this episode of This Week in NET, host João Tomé is joined by Chema Alonso, Vice President and Head of International Development at Cloudflare. Chema shares how a 1998 paper on SQL injection launched his career in hacking, his path from running a startup in Madrid to becoming a Microsoft MVP for 14 years, and how he ended up leading cybersecurity at Telefónica for more than a decade — after telling them “you don’t have enough money to make me work for you.” He also explains why he left Telefónica in 2025 to join Cloudflare, and what surprised him about the company’s technical depth.
View Video

Advanced Certificate Manager: Essential TLS Control for Regulated Industries

Mar 25, 2026 By Cloudflare In Cloudflare
Get full, granular TLS control with Cloudflare Advanced Certificate Manager (ACM). While every Cloudflare account includes free basic TLS, complex and highly-regulated businesses, like technology, financial services, or healthcare, need more granular control, and ACM eliminates the manual overhead of managing certificates. Key Features Include: Helpful Links & Resources.
View Video
cloudflare

Standing up for the open Internet: why we appealed Italy's "Piracy Shield" fine

Mar 16, 2026 By Patrick Nemeroff In Cloudflare
At Cloudflare, our mission is to help build a better Internet. Usually, that means rolling out new services to our millions of users or defending the web against the world’s largest cyber attacks. But sometimes, building a better Internet requires us to stand up against laws or regulations that threaten its fundamental architecture.
Read Post
cloudflare

Announcing Cloudflare Account Abuse Protection: prevent fraudulent attacks from bots and humans

Mar 12, 2026 By Jin-Hee Lee In Cloudflare
Today, Cloudflare is introducing a new suite of fraud prevention capabilities designed to stop account abuse before it starts. We've spent years empowering Cloudflare customers to protect their applications from automated attacks, but the threat landscape has evolved. The industrialization of hybrid automated-and-human abuse presents a complex security challenge to website owners.
Read Post
cloudflare

AI Security for Apps is now generally available

Mar 11, 2026 By Liam Reese In Cloudflare
Cloudflare’s AI Security for Apps detects and mitigates threats to AI-powered applications. Today, we're announcing that it is generally available. We’re shipping with new capabilities like detection for custom topics, and we're making AI endpoint discovery free for every Cloudflare customer—including those on Free, Pro, and Business plans—to give everyone visibility into where AI is deployed across their Internet-facing apps.
Read Post
cloudflare

Complexity is a choice. SASE migrations shouldn't take years.

Mar 9, 2026 By Warnessa Weaver In Cloudflare
For years, the cybersecurity industry has accepted a grim reality: migrating to a zero trust architecture is a marathon of misery. CIOs have been conditioned to expect multi-year deployment timelines, characterized by turning screws, manual configurations, and the relentless care and feeding of legacy SASE vendors. But at Cloudflare, we believe that kind of complexity is a choice, not a requirement. Today, we are highlighting how our partners are proving that what used to take years now takes weeks.
Read Post
cloudflare

Active defense: introducing a stateful vulnerability scanner for APIs

Mar 9, 2026 By John Cosgrove In Cloudflare
Security is traditionally a game of defense. You build walls, set up gates, and write rules to block traffic that looks suspicious. For years, Cloudflare has been a leader in this space: our Application Security platform is designed to catch attacks in flight, dropping malicious requests at the edge before they ever reach your origin. But for API security, defensive posturing isn’t enough. That’s why today, we are launching the beta of Cloudflare’s Web and API Vulnerability Scanner.
Read Post
cloudflare

Fixing request smuggling vulnerabilities in Pingora OSS deployments

Mar 9, 2026 By Edward Wang In Cloudflare
In December 2025, Cloudflare received reports of HTTP/1.x request smuggling vulnerabilities in the Pingora open source framework when Pingora is used to build an ingress proxy. Today we are discussing how these vulnerabilities work and how we patched them in Pingora 0.8.0. The vulnerabilities are CVE-2026-2833, CVE-2026-2835, and CVE-2026-2836. These issues were responsibly reported to us by Rajat Raghav (xclow3n) through our Bug Bounty Program.
Read Post

AI Deepfakes & Laptop Farms: Inside the 2026 Cloudflare Threat Report

Mar 6, 2026 By Cloudflare In Cloudflare
In this episode of This Week in NET, host João Tomé is joined by Cloudflare threat intelligence experts Brian Carter and Chris Pacey to break down the 2026 Cloudflare Threat Report and what it reveals about today’s cyber threat landscape. We discuss how threat intelligence helps organizations prioritize risks, how attackers are increasingly leveraging automation and AI tools, and why botnets, supply-chain attacks, and credential-theft campaigns continue to evolve.
View Video
cloudflare

From the endpoint to the prompt: a unified data security vision in Cloudflare One

Mar 6, 2026 By Alex Dunbrack In Cloudflare
Cloudflare One has grown a lot over the years. What started with securing traffic at the network now spans the endpoint and SaaS applications – because that’s where work happens. But as the market has evolved, the core mission has become clear: data security is enterprise security. Here’s why. We don’t enforce controls just to enforce controls.
Read Post
cloudflare

A QUICker SASE client: re-building Proxy Mode

Mar 5, 2026 By Koko Uko In Cloudflare
When you need to use a proxy to keep your zero trust environment secure, it often comes with a cost: poor performance for your users. Soon after deploying a client proxy, security teams are generally slammed with support tickets from users frustrated with sluggish browser speed, slow file transfers, and video calls glitching at just the wrong moment. After a while, you start to chalk it up to the proxy — potentially blinding yourself to other issues affecting performance.
Read Post
cloudflare

Always-on detections: eliminating the WAF "log versus block" trade-off

Mar 4, 2026 By Daniele Molteni In Cloudflare
Traditional Web Application Firewalls typically require extensive, manual tuning of their rules before they can safely block malicious traffic. When a new application is deployed, security teams usually begin in a logging-only mode, sifting through logs to gradually assess which rules are safe for blocking mode. This process is designed to minimize false positives without affecting legitimate traffic. It’s manual, slow and error-prone.
Read Post
cloudflare

Defeating the deepfake: stopping laptop farms and insider threats

Mar 4, 2026 By Ann Ming Samborski In Cloudflare
Trust is the most expensive vulnerability in modern security architecture. In recent years, the security industry has pivoted toward a zero trust model for networks — assuming breach and verifying every request. Yet when it comes to the people behind those requests, we often default back to implicit trust. We trust that the person on the Zoom call is who they say they are. We trust that the documents uploaded to an HR portal are genuine. That trust is now being weaponized at an unprecedented scale.
Read Post
cloudflare

Evolving Cloudflare's Threat Intelligence Platform: actionable, scalable, and ETL-less

Mar 3, 2026 By Blake Darché In Cloudflare
For years, the cybersecurity industry has suffered from a "data gravity" problem. Security teams are buried under billions of rows of telemetry, yet they remain starved for actionable insights. A Threat Intelligence Platform (TIP) is a centralized security system that collects, aggregates, and organizes data about known and emerging cyber threats. It serves as the vital connective tissue between raw telemetry and active defense.
Read Post
cloudflare

Modernizing with agile SASE: a Cloudflare One blog takeover

Mar 2, 2026 By Warnessa Weaver In Cloudflare
Return to office has stalled for many, and the “new normal” for what the corporate network means is constantly changing. In 2026, your office may be a coffee shop, your workforce includes autonomous AI agents, and your perimeter is wherever the Internet reaches. This shift has forced a fundamental change in how we think about security, moving us toward a critical new architecture: agile SASE.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.