Archive

Category Archives for "CloudFlare"

A debugging story: corrupt packets in AF_XDP; a kernel bug or user error?

A debugging story: corrupt packets in AF_XDP; a kernel bug or user error?

panic: Invalid TCP packet: Truncated

A debugging story: corrupt packets in AF_XDP; a kernel bug or user error?

A few months ago we started getting a handful of crash reports for flowtrackd, our Advanced TCP Protection system that runs on our global network. The provided stack traces indicated that the panics occurred while parsing a TCP packet that was truncated.

What was most interesting wasn’t that we failed to parse the packet. It isn’t rare that we receive malformed packets from the Internet that are (deliberately or not) truncated. Those packets will be caught the first time we parse them and won’t make it to the latter processing stages. However, in our case, the panic occurred the second time we parsed the packet, indicating it had been truncated after we received it and successfully parsed it the first time. Both parse calls were made from a single green thread and referenced the same packet buffer in memory, and we made no attempts to mutate the packet in between.

It can be easy to dread discovering a bug like this. Is there a race condition? Is there memory corruption? Is this a kernel bug? A compiler bug? Our plan to get to the root cause of this potentially complex issue was to identify symptom(s) Continue reading

Cloud CNI privately connects your clouds to Cloudflare

Cloud CNI privately connects your clouds to Cloudflare

This post is also available in 简体中文, 日本語 and Español.

Cloud CNI privately connects your clouds to Cloudflare

For CIOs, networking is a hard process that is often made harder. Corporate networks have so many things that need to be connected and each one of them needs to be connected differently: user devices need managed connectivity through a Secure Web Gateway, offices need to be connected using the public Internet or dedicated connectivity, data centers need to be managed with their own private or public connectivity, and then you have to manage cloud connectivity on top of it all! It can be exasperating to manage connectivity for all these different scenarios and all their privacy and compliance requirements when all you want to do is enable your users to access their resources privately, securely, and in a non-intrusive manner.

Cloudflare helps simplify your connectivity story with Cloudflare One. Today, we’re excited to announce that we support direct cloud interconnection with our Cloudflare Network Interconnect, allowing Cloudflare to be your one-stop shop for all your interconnection needs.

Customers using IBM Cloud, Google Cloud, Azure, Oracle Cloud Infrastructure, and Amazon Web Services can now open direct connections from their private cloud instances into Cloudflare. In this blog, we’re going Continue reading

CIO Week 2023 recap

CIO Week 2023 recap

This post is also available in 日本語, 简体中文, and Español.

CIO Week 2023 recap

In our Welcome to CIO Week 2023 post, we talked about wanting to start the year by celebrating the work Chief Information Officers do to keep their organizations safe and productive.

Over the past week, you learned about announcements addressing all facets of your technology stack – including new services, betas, strategic partnerships, third party integrations, and more. This recap blog summarizes each announcement and labels what capability is generally available (GA), in beta, or on our roadmap.

We delivered on critical capabilities requested by our customers – such as even more comprehensive phishing protection and deeper integrations with the Microsoft ecosystem. Looking ahead, we also described our roadmap for emerging technology categories like Digital Experience Monitoring and our vision to make it exceedingly simple to route traffic from any source to any destination through Cloudflare’s network.

Everything we launched is designed to help CIOs accelerate their pursuit of digital transformation. In this blog, we organized our announcement summaries based on the three feelings we want CIOs to have when they consider partnering with Cloudflare:

  1. CIOs now have a simpler roadmap to Zero Trust and SASE: We announced Continue reading

CIO Week 2023の要約

CIO Week 2023の要約
CIO Week 2023の要約

CIO Week 2023へようこその記事で、最高情報責任者が組織の安全性と生産性を維持するために行っている仕事を称えることで、1年をスタートさせたいという話をしました。

この一週間で、新サービス、ベータ版、戦略的パートナーシップ、サードパーティとの統合など、テクノロジースタックのあらゆる側面に関わる発表をご覧いただきました。この要約のブログでは、各発表を要約し、一般公開(GA)、ベータ版にある機能、またはロードマップ上に記載されている機能をラベル付けしています。

私たちは、さらに包括的なフィッシング対策機能Microsoftのエコシステムとのより深い統合機能など、お客様からご要望いただいた重要な機能を提供しました。今後については、Digital Experience Monitoringのような新しい技術カテゴリーのロードマップや、Cloudflareのネットワークを通じて任意のソースから任意の宛先へのトラフィックのルーティングを極めて簡単なものにするという私たちのビジョンについても説明しました。

私たちが立ち上げたものはすべて、CIOの方々へDXへの取り組みを加速していただくために設計されたものです。本ブログでは、CIOの方々がCloudflareとの提携を検討する際に抱いてほしい3つの感情を軸に、発表内容を整理しました。

  1. CIOの皆様によるZero TrustとSASEへのロードマップを策定がより簡単に:組織にZero Trustセキュリティベストプラクティスを採用し、Secure Access Service Edge(SASE)といった意欲的なアーキテクチャに移行しやすくする新機能と緊密な統合を発表しました。
  2. CIOの皆様が適切なテクノロジーとチャネルパートナーを見つけることを可能に:組織が適切な専門知識にアクセスして、すでに使用しているテクノロジーを使ってITとセキュリティを自分のペースで近代化するための統合とプログラミングを発表しました。
  3. CIOの皆様によるマルチクラウド戦略の合理化を簡単に:多様性を極めるクラウド環境間におけるトラフィックの接続、保護、高速化の新たな方法を発表しました。

Cloudflareが開催する多くの2023年イノベーションウィークの第1弾CIO Weekをご覧いただき、ありがとうございます。私たちのイノベーションのペースについていくのは時には難しいかもしれませんが、このブログを読み、私たちの要約のウェビナーに登録していただければ幸いです!

ITとセキュリティを近代化し、組織におけるごCIOの業務をより快適にする方法についてご相談されたい方は、こちらのフォームにご記入ください。

Zero TrustとSASEへの旅をシンプルに

アクセスの保護
これらのブログ記事では、Zero Trustの達成に必要な、よりきめ細かな制御と包括的な可視化により、すべてのユーザーがあらゆるアプリケーションに迅速、簡単、かつ安全に接続することに焦点を当てています。

ブログ まとめ
ベータ版: デジタルエクスペリエンスモニタリングのご紹介 Cloudflare Digital Experience Monitoringは、CIOが重要なアプリケーションやインターネットサービスが企業ネットワーク全体でどのように機能しているかを理解するためのオールインワンダッシュボードですベータ版アクセスに登録する。
ベータ版: WARP-to-WARPでCloudflare上のグローバルなプライベート仮想Zero Trustネットワーク構築を実現 WARP(Cloudflareのデバイスクライアント)を実行している組織内のデバイスは、ワンクリックでWARPを実行している他のデバイスにプライベートネットワーク経由で到達することができます。ベータ版アクセスに登録する。
一般公開: Cloudflare Accessの「ブロックされた」メッセージをトラブルシューティングする新たな方法 CloudflareのZero TrustプラットフォームでユーザIDのトラブルシューティングと同じレベルの容易さで、接続の経緯に基づいて、「許可」、または「ブロック」の決定を調査します。
ベータ版: 社内およびSaaSアプリケーション向けのワンクリックデータセキュリティ 分離されたブラウザでアプリケーションセッションを実行してユーザーが機密データを操作する方法を制御することで、機密データを保護しましょう – たったのワンクリックです。ベータ版アクセスに登録する。
一般公開: Cloudflare Access & Gatewayに対するSCIMの対応を発表 CloudflareのZTNA(Access)およびSWG(Gateway)サービスは、System for Cross-domain Identity Management(SCIM)プロトコルをサポートするようになったことで、管理者はシステム間でIDレコードを管理しやすくなりました。
一般公開: Cloudflare Zero Trust:1983年以来最もエキサイティングなPingのリリース Cloudflare Zero Trustの管理者は、ICMPプロトコルを使用する使い慣れたデバッグツール(Ping、Traceroute、MTRなど)を使用して、プライベートネットワークの宛先への接続をテストすることができます。

脅威防御

これらのブログ記事では、組織がフィッシング、ランサムウェア、その他のインターネットの脅威からユーザーを保護するために、トラフィックをフィルタリング、検査、分離することに焦点を当てています。

ブログ まとめ
一般公開: メールリンク分離:最新のフィッシング攻撃に対するセーフティネット 「メールリンク分離」は、ユーザーがクリックしてしまう可能性のある受信箱に届いた不審なリンクに対するセーフティネットです。この保護が追加されることで、Cloudflare Area 1は、フィッシング攻撃から守る最も包括的な電子メールセキュリティソリューションとなります。
一般公開: Cloudflare Gatewayに自社による証明書を導入 管理者は、独自のカスタム証明書を使用して、HTTP、DNS、CASB、DLP、RBI、その他のフィルタリングポリシーを適用することができます。
一般公開: カスタムDLPプロファイルを発表 Cloudflareのデータ喪失防止(DLP)サービスは、カスタム検出を作成する機能を提供したことで、組織はトラフィックを検査して最も機密性の高いデータを検出できるようになりました。
一般公開: マネージドサービスプロバイダー向けCloudflare Zero Trust 米国連邦政府をはじめとする大規模なマネージドサービスプロバイダ(MSP)が、CloudflareのテナントAPIを利用して、管理する組織全体にDNSフィルタリングなどのセキュリティポリシーを適用している事例をご紹介します。

セキュアなSaaS環境

これらのブログ記事では、SaaSアプリケーション環境において一貫したセキュリティと可視性を維持し、特に機密データの漏洩を防止することに焦点を当てています。

ブログ まとめ
ロードマップ: Cloudflare CASB とDLPが連携してデータを保護する仕組み Cloudflare Zero Trustは、CASBサービスとDLPサービス間で、管理者がSaaSアプリケーションに保存されているファイルを覗き見して、その中の機密データを特定できる機能を導入する予定です。
ロードマップ: Cloudflare Area 1 とDLPが連携してメール内のデータを保護する仕組み Cloudflareでは、Area 1 Email Securityとデータ喪失防止(DLP)の機能を組み合わせ、企業のEメールに完全なデータ保護を提供します。
一般公開: Cloudflare CASB:SalesforceとBoxのセキュリティ上の問題をスキャン Cloudflare CASBは、SalesforceおよびBoxと統合し、ITおよびセキュリティチームがこれらのSaaS環境に潜むセキュリティリスクのスキャンを可能にします。

接続の高速化と保護
Iこのセクションのブログ記事では、製品の機能に加えて、組織がCloudflareを利用して実現している速度やその他の戦略的なメリットについて紹介しています。

China Express: Cloudflare partners to boost performance in China for corporate networks

China Express: Cloudflare partners to boost performance in China for corporate networks
China Express: Cloudflare partners to boost performance in China for corporate networks

Cloudflare has been helping global organizations offer their users a consistent experience all over the world. This includes mainland China, a market our global customers cannot ignore but that continues to be challenging for infrastructure teams trying to ensure performance, security and reliability for their applications and users both in and outside mainland China. We are excited to announce China Express — a new suite of capabilities and best practices in partnership with our partners China Mobile International (CMI) and CBC Tech — that help address some of these performance challenges and ensure a consistent experience for customers and employees everywhere.

Cloudflare has been providing Application Services to users in mainland China since 2015, improving performance and security using in-country data centers and caching. Today, we have a presence in 30 cities in mainland China thanks to our strategic partnership with JD Cloud. While this delivers significant performance improvements, some requests still need to go back to the origin servers which may live outside mainland China. With limited international Internet gateways and restrictive cross-border regulations, international traffic has a very high latency and packet drop rate in and out of China. This results in inconsistent cached content within China and Continue reading

Cloudflare Application Services for private networks: do more with the tools you already love

Cloudflare Application Services for private networks: do more with the tools you already love
Cloudflare Application Services for private networks: do more with the tools you already love

Cloudflare’s Application Services have been hard at work keeping Internet-facing websites and applications secure, fast, and reliable for over a decade. Cloudflare One provides similar security, performance, and reliability benefits for your entire corporate network. And today, we’re excited to announce new integrations that make it possible to use these services together in new ways. These integrations unlock operational and cost efficiencies for IT teams by allowing them to do more with fewer tools, and enable new use cases that are impossible without Cloudflare’s  “every service everywhere” architecture.

“Just as Canva simplifies graphic design, Cloudflare simplifies performance and security. Thanks to Cloudflare, we can focus on growing our product and expanding into new markets with confidence, knowing that our platform is fast, reliable, and secure.” - Jim Tyrrell, Head of Infrastructure, Canva

Every service everywhere, now for every network

One of Cloudflare’s fundamental architectural principles has always been to treat our network like one homogeneous supercomputer. Rather than deploying services in specific locations - for example, using some of our points of presence to enforce WAF policies, others for Zero Trust controls, and others for traffic optimization - every server runs a virtually identical stack of all of Continue reading

Cloudflare Zero Trust for managed service providers

Cloudflare Zero Trust for managed service providers
Cloudflare Zero Trust for managed service providers

As part of CIO week, we are announcing a new integration between our DNS Filtering solution and our Partner Tenant platform that supports parent-child policy requirements for our partner ecosystem and our direct customers. Our Tenant platform, launched in 2019, has allowed Cloudflare partners to easily integrate Cloudflare solutions across millions of customer accounts. Cloudflare Gateway, introduced in 2020, has grown from protecting personal networks to Fortune 500 enterprises in just a few short years. With the integration between these two solutions, we can now help Managed Service Providers (MSPs) support large, multi-tenant deployments with parent-child policy configurations and account-level policy overrides that seamlessly protect global employees from threats online.

Why work with Managed Service Providers?

Managed Service Providers (MSPs) are a critical part of the toolkit of many CIOs. In the age of disruptive technology, hybrid work, and shifting business models, outsourcing IT and security operations can be a fundamental decision that drives strategic goals and ensures business success across organizations of all sizes. An MSP is a third-party company that remotely manages a customer's information technology (IT) infrastructure and end-user systems. MSPs promise deep technical knowledge, threat insights, and tenured expertise across a variety Continue reading

Give us a ping. (Cloudflare) One ping only.

Give us a ping. (Cloudflare) One ping only.
Give us a ping. (Cloudflare) One ping only.

Ping was born in 1983 when the Internet needed a simple, effective way to measure reachability and distance. In short, ping (and subsequent utilities like traceroute and MTR)  provides users with a quick way to validate whether one machine can communicate with another. Fast-forward to today and these network utility tools have become ubiquitous. Not only are they now the de facto standard for troubleshooting connectivity and network performance issues, but they also improve our overall quality of life by acting as a common suite of tools almost all Internet users are comfortable employing in their day-to-day roles and responsibilities.

Making network utility tools work as expected is very important to us, especially now as more and more customers are building their private networks on Cloudflare. Over 10,000 teams now run a private network on Cloudflare. Some of these teams are among the world's largest enterprises, some are small crews, and yet others are hobbyists, but they all want to know - can I reach that?

That’s why today we’re excited to incorporate support for these utilities into our already expansive troubleshooting toolkit for Cloudflare Zero Trust. To get started, sign up to receive beta access and start using the Continue reading

Announcing SCIM support for Cloudflare Access & Gateway

Announcing SCIM support for Cloudflare Access & Gateway
Announcing SCIM support for Cloudflare Access & Gateway

Today, we're excited to announce that Cloudflare Access and Gateway now support the System for Cross-domain Identity Management (SCIM) protocol. Before we dive into what this means, let's take a step back and review what SCIM, Access, and Gateway are.

SCIM is a protocol that enables organizations to manage user identities and access to resources across multiple systems and domains. It is often used to automate the process of creating, updating, and deleting user accounts and permissions, and to keep these accounts and permissions in sync across different systems.

Announcing SCIM support for Cloudflare Access & Gateway

For example, most organizations have an identity provider, such as Okta or Azure Active Directory, that stores information about its employees, such as names, addresses, and job titles. The organization also likely uses cloud-based applications for collaboration. In order to access the cloud-based application, employees need to create an account and log in with a username and password. Instead of manually creating and managing these accounts, the organization can use SCIM to automate the process. Both the on-premise system and the cloud-based application are configured to support SCIM.

When a new employee is added to, or removed from, the identity provider, SCIM automatically creates an account for that employee in the Continue reading

Zone Versioning is now generally available

Zone Versioning is now generally available
Zone Versioning is now generally available

Today we are announcing the general availability of Zone Versioning for enterprise customers. Zone Versioning allows you to safely manage zone configuration by versioning changes and choosing how and when to deploy those changes to defined environments of traffic. Previously announced as HTTP Applications, we have redesigned the experience based on testing and feedback to provide a seamless experience for customers looking to safely rollout configuration changes.

Problems with making configuration changes

There are two problems we have heard from customers that Zone Versioning aims to solve:

  1. How do I test changes to my zone safely?
  2. If I do end up making a change that impacts my traffic negatively, how can I quickly revert that change?

Customers have worked out various ways of solving these problems. For problem #1, customers will create staging zones that live on a different hostname, often taking the form staging.example.com, that they make changes on first to ensure that those changes will work when deployed to their production zone. When making more than one change this can become troublesome as they now need to keep track of all the changes made to make the exact same set of changes on the Continue reading

API-based email scanning

API-based email scanning
API-based email scanning

The landscape of email security is constantly changing. One aspect that remains consistent is the reliance of email as the beginning for the majority of threat campaigns. Attackers often start with a phishing campaign to gather employee credentials which, if successful, are used to exfiltrate data, siphon money, or perform other malicious activities. This threat remains ever present even as companies transition to moving their email to the cloud using providers like Microsoft 365 or Google Workspace.

In our pursuit to help build a better Internet and tackle online threats, Cloudflare offers email security via our Area 1 product to protect all types of email inboxes - from cloud to on premise. The Area 1 product analyzes every email an organization receives and uses our threat models to assess if the message poses risk to the customer. For messages that are deemed malicious, the Area 1 platform will even prevent the email from landing in the recipient's inbox, ensuring that there is no chance for the attempted attack to be successful.

We try to provide customers with the flexibility to deploy our solution in whatever way they find easiest. Continuing in this pursuit to make our solution as turnkey as Continue reading

New: Scan Salesforce and Box for security issues

New: Scan Salesforce and Box for security issues
New: Scan Salesforce and Box for security issues

Today, we’re sharing the release of two new SaaS integrations for Cloudflare CASB - Salesforce and Box - in order to help CIOs, IT leaders, and security admins swiftly identify looming security issues present across the exact type of tools housing this business-critical data.

Recap: What is Cloudflare CASB?

Released in September, Cloudflare’s API CASB has already proven to organizations from around the world that security risks - like insecure settings and inappropriate file sharing - can often exist across the friendly SaaS apps we all know and love, and indeed pose a threat. By giving operators a comprehensive view of the issues plaguing their SaaS environments, Cloudflare CASB has allowed them to effortlessly remediate problems in a timely manner before they can be leveraged against them.

But as both we and other forward-thinking administrators have come to realize, it’s not always Microsoft 365, Google Workspace, and business chat tools like Slack that contain an organization’s most sensitive information.

Scan Salesforce with Cloudflare CASB

The first Software-as-a-Service. Salesforce, the sprawling, intricate, hard-to-contain Customer Relationship Management (CRM) platform, gives workforces a flexible hub from which they can do just as the software describes: manage customer relationships. Whether it be tracking Continue reading

Expanding our Microsoft collaboration: proactive and automated Zero Trust security for customers

Expanding our Microsoft collaboration: proactive and automated Zero Trust security for customers
Expanding our Microsoft collaboration: proactive and automated Zero Trust security for customers

As CIOs navigate the complexities of stitching together multiple solutions, we are extending our partnership with Microsoft to create one of the best Zero Trust solutions available. Today, we are announcing four new integrations between Azure AD and Cloudflare Zero Trust that reduce risk proactively. These integrated offerings increase automation allowing security teams to focus on threats versus implementation and maintenance.

What is Zero Trust and why is it important?

Zero Trust is an overused term in the industry and creates a lot of confusion. So, let's break it down. Zero Trust architecture emphasizes the “never trust, always verify” approach. One way to think about it is that in the traditional security perimeter or “castle and moat” model, you have access to all the rooms inside the building (e.g., apps) simply by having access to the main door (e.g., typically a VPN).  In the Zero Trust model you would need to obtain access to each locked room (or app) individually rather than only relying on access through the main door. Some key components of the Zero Trust model are identity e.g., Azure AD (who), apps e.g., a SAP instance or a custom Continue reading

Email Link Isolation: your safety net for the latest phishing attacks

Email Link Isolation: your safety net for the latest phishing attacks
Email Link Isolation: your safety net for the latest phishing attacks

Email is one of the most ubiquitous and also most exploited tools that businesses use every single day. Baiting users into clicking malicious links within an email has been a particularly long-standing tactic for the vast majority of bad actors, from the most sophisticated criminal organizations to the least experienced attackers.

Even though this is a commonly known approach to gain account access or commit fraud, users are still being tricked into clicking malicious links that, in many cases, lead to exploitation. The reason is simple: even the best trained users (and security solutions) cannot always distinguish a good link from a bad link.

On top of that, securing employees' mailboxes often results in multiple vendors, complex deployments, and a huge drain of resources.

Email Link Isolation turns Cloudflare Area 1 into the most comprehensive email security solution when it comes to protecting against phishing attacks. It rewrites links that could be exploited, keeps users vigilant by alerting them of the uncertainty around the website they’re about to visit, and protects against malware and vulnerabilities through the user-friendly Cloudflare Browser Isolation service. Also, in true Cloudflare fashion,  it’s a one-click deployment.

With more than a couple Continue reading

How Cloudflare Area 1 and DLP work together to protect data in email

How Cloudflare Area 1 and DLP work together to protect data in email
How Cloudflare Area 1 and DLP work together to protect data in email

Threat prevention is not limited to keeping external actors out, but also keeping sensitive data in. Most organizations do not realize how much confidential information resides within their email inboxes. Employees handle vast amounts of sensitive data on a daily basis, such as intellectual property, internal documentation, PII, or payment information and often share this information internally via email making email one of the largest locations confidential information is stored within a company. It comes as no shock that organizations worry about protecting the accidental or malicious egress of sensitive data and often address these concerns by instituting strong Data Loss Prevention policies. Cloudflare makes it easy for customers to manage the data in their email inboxes with Area 1 Email Security and Cloudflare One.

Cloudflare One, our SASE platform that delivers network-as-a-service (NaaS) with Zero Trust security natively built-in, connects users to enterprise resources, and offers a wide variety of opportunities to secure corporate traffic, including the inspection of data transferred to your corporate email. Area 1 email security, as part of our composable Cloudflare One platform, delivers the most complete data protection for your inbox and offers a cohesive solution when including additional services, such as Data Loss Continue reading

One-click data security for your internal and SaaS applications

One-click data security for your internal and SaaS applications
One-click data security for your internal and SaaS applications

Most of the CIOs we talk to want to replace dozens of point solutions as they start their own Zero Trust journey. Cloudflare One, our comprehensive Secure Access Service Edge (SASE) platform can help teams of any size rip out all the legacy appliances and services that tried to keep their data, devices, and applications safe without compromising speed.

We also built those products to work better together. Today, we’re bringing Cloudflare’s best-in-class browser isolation technology to our industry-leading Zero Trust access control product. Your team can now control the data in any application, and what a user can do in the application, with a single click in the Cloudflare dashboard. We’re excited to help you replace your private networks, virtual desktops, and data control boxes with a single, faster solution.

Zero Trust access control is just the first step

Most organizations begin their Zero Trust migration by replacing a virtual private network (VPN). VPN deployments trust too many users by default. In most configurations, any user on a private network can reach any resource on that same network.

The consequences vary. On one end of the spectrum, employees in marketing can accidentally stumble upon payroll amounts for the Continue reading

Improved access controls: API access can now be selectively disabled

Improved access controls: API access can now be selectively disabled
Improved access controls: API access can now be selectively disabled

Starting today, it is possible to selectively scope API access to your account to specific users.

We are making it easier for account owners to view and manage the access their users have on an account by allowing them to restrict API access to the account. Ensuring users have the least amount of access they need, and maximizing visibility of the access is critical, and our move today is another step in this direction.

When Cloudflare was first introduced, a single user had access to a single account. As we have been adopted by larger enterprises, the need to maximize access granularity and retain control of an account has become progressively more important. Nowadays, enterprises using Cloudflare could have tens or hundreds of users on an account, some of which need to do account configuration, and some that do not. In addition, to centralize the configuration of the account, some enterprises have a need for service accounts, or those shared between several members of an organization.

While account owners have always been able to restrict access to an account by their users, they haven’t been able to view the keys and tokens created by their users. Restricting use of the Continue reading

How Cloudflare CASB and DLP work together to protect your data

How Cloudflare CASB and DLP work together to protect your data
How Cloudflare CASB and DLP work together to protect your data

Cloudflare’s Cloud Access Security Broker (CASB) scans SaaS applications for misconfigurations, unauthorized user activity, shadow IT, and other data security issues. Discovered security threats are called out to IT and security administrators for timely remediation, removing the burden of endless manual checks on a long list of applications.

But Cloudflare customers revealed they want more information available to assess the risk associated with a misconfiguration. A publicly exposed intramural kickball schedule is not nearly as critical as a publicly exposed customer list, so customers want them treated differently. They asked us to identify where sensitive data is exposed, reducing their assessment and remediation time in the case of leakages and incidents. With that feedback, we recognized another opportunity to do what Cloudflare does best: combine the best parts of our products to solve customer problems.

What’s underway now is an exciting effort to provide Zero Trust users a way to get the same DLP coverage for more than just sensitive data going over the network: SaaS DLP for data stored in popular SaaS apps used by millions of organizations.

With these upcoming capabilities, customers will be able to connect their SaaS applications in just a few clicks and scan them Continue reading

Announcing the Authorized Partner Service Delivery Track for Cloudflare One

Announcing the Authorized Partner Service Delivery Track for Cloudflare One

This post is also available in 简体中文, 日本語, Deutsch, Français, Español.

Announcing the Authorized Partner Service Delivery Track for Cloudflare One

In this Sunday’s Welcome to CIO Week blog, we talked about the value for CIOs in finding partners for long term digital transformation initiatives. As the adage goes, “If you want to go fast, go alone, if you want to go far, go together.”

As Cloudflare has expanded into new customer segments and emerging market categories like SASE and Zero Trust, we too have increasingly focused on expanding our relationship with go-to-market partners (e.g. service providers, implementation / consulting firms, system integrators, and more). Because security and network transformation can feel inherently daunting, customers often need strategic advice and practical support when implementing Cloudflare One – our SASE platform of Zero Trust security and networking services. These partners play a pivotal role in easing customer adoption by helping them assess, implement, and manage our services.

This blog is primarily intended for prospective and current Cloudflare go-to-market channel partners and highlights how we have grown our partnership program over the past year and will continue to, going forward.

Cloudflare One: fastest growing portfolio among Cloudflare partners

Over the past year, adoption of Cloudflare Continue reading

1 30 31 32 33 34 137