Application Security report: 2024 update
2024-07-11
Cloudflare’s updated 2024 view on Internet cyber security trends spanning global traffic insights, bot traffic insights, API traffic insights, and client-side risks...
2024-07-11
Cloudflare’s updated 2024 view on Internet cyber security trends spanning global traffic insights, bot traffic insights, API traffic insights, and client-side risks...
2024-06-26
polyfill.io, a popular JavaScript library service, can no longer be trusted and should be removed from websites...
2024-02-29
Polyfill.io is now available on cdnjs to reduce the risk of supply chain attacks. Replace your polyfill.io links today for a seamless experience...
2023-09-29
In this blog post we talk about our approach and ongoing research into detecting novel web attack vectors in our WAF before they are seen by a security researcher....
2023-09-15
We just deployed a number of updates to our Client-Side Security Product: Page Shield. As of today we support all major CSP directives, better suggestions, better violation reporting, Page Shield specific user role permissions, and domain insights...
2023-08-21
We are back with a quarterly update of our Application Security report. Read on to learn about new attack trends and insights visible from Cloudflare’s global network...
2023-03-14
One year ago we published our first Application Security Report. For Security Week 2023, we are providing updated insights and trends around mitigated traffic, bot and API traffic, and account takeover attacks....
2023-03-13
Starting today, using Page Shield, Cloudflare’s client side security solution, you can ensure only vetted and secure JavaScript is being executed by your user’s browsers. Stop unwanted JavaScript and keep your end user data safe with Page Shield policies....
2023-01-04
Today, we’re making the job of application security teams easier, by providing a content scanning engine integrated with our Web Application Firewall (WAF), so that malicious files being uploaded by end users, never reach origin servers in the first place...
2022-10-21
Starting today, Page Shield can now watch for malicious outbound connections made by third-party JavaScript code...
2022-09-27
Forester has recognised Cloudflare as a Leader in The Forrester Wave™: Web Application Firewalls, Q3 2022 report. The report evaluated 12 Web Application Firewall (WAF) providers on 24 criteria across current offering, strategy and market presence....
2022-09-06
Gartner has recognised Cloudflare as a Leader in the 2022 "Gartner® Magic Quadrant™ for Web Application and API Protection (WAAP)" report that evaluated 11 vendors for their ‘ability to execute’ and ‘completeness of vision’...
2022-06-05
On 2022-06-02 at 20:00 UTC Atlassian released a Security Advisory relating to a remote code execution (RCE) vulnerability affecting Confluence Server and Confluence Data Center products. This post covers our current analysis of this vulnerability...
2022-03-31
Cloudflare Managed Ruleset updates for the recent vulnerabilities affecting the Java Spring framework and related software components...
2022-03-21
In this post, we share some of the insights we’ve gathered from the 32 million HTTP requests/second that pass through our network...
2022-03-18
Being a single pane of glass for all network activity has always been one of Cloudflare’s goals. Today, we’re outlining the future vision for Cloudflare observability....
2022-03-15
We are excited to provide our new Cloudflare Web Application Firewall, with a Free Managed Ruleset to all Cloudflare users...
2022-03-13
Welcome to our first innovation week of the year: Security Week! In this post we will be going over Cloudflare’s security products’ history giving you an introduction to all the great announcements we have planned...
2021-12-08
To help identify and mitigate supply chain attacks in the context of web applications, today we are launching Page Shield in General Availability (GA)....
2021-12-03
Cloudflare can now send proactive notifications about any application security event spike, so you are warned whenever an attack might be targeting your application....