Engineering posts about Threat Modeling
Curated summaries and key learnings for engineers working with Threat Modeling.
Announcing Claude Compliance API support with Cloudflare CASB
The article announces the integration of the Claude Compliance API with Cloudflare's Cloud Access Security Broker (CASB), enabling organizations to monitor AI application usage for compliance and...
How security teams can report cyber risk to boards
The article outlines the importance of translating cyber risk into financial terms to enable boards to make informed decisions regarding security investments. It emphasizes the need for coherent risk...
Alert Fatigue Is a Business Risk
The article highlights the critical issue of alert fatigue in enterprise security operations, where the overwhelming volume of alerts leads to significant risks as analysts struggle to prioritize and...
Our ongoing commitment to privacy for the 1.1.1.1 public DNS resolver
The article outlines Cloudflare's ongoing commitment to privacy regarding its 1.1.1.1 public DNS resolver, emphasizing the importance of trust in handling personal data. It details the independent...
Agentic AI Security: New Risks and Controls in the Databricks AI Security Framework (DASF v3.0)
The Databricks AI Security Framework (DASF) has been updated to include Agentic AI as its 13th component, introducing 35 new technical security risks and 6 mitigation controls tailored for the...
Announcing Cloudflare Account Abuse Protection: prevent fraudulent attacks from bots and humans
Cloudflare has introduced a suite of fraud prevention capabilities aimed at mitigating account abuse from both automated bots and human attackers. Key features include leaked credentials detection,...
AI Security for Apps is now generally available
Cloudflare has announced the general availability of its AI Security for Apps, a solution designed to detect and mitigate threats specifically targeting AI-powered applications. This tool provides...
Building a security overview dashboard for actionable insights
The article presents a comprehensive overview of a newly developed security dashboard designed to enhance the efficiency of security teams by providing actionable insights rather than mere...
Investigating multi-vector attacks in Log Explorer
The article discusses the complexities of modern multi-vector attacks in cybersecurity, emphasizing the necessity for comprehensive visibility through tools like Cloudflare Log Explorer. It outlines...
Fixing request smuggling vulnerabilities in Pingora OSS deployments
The article addresses critical HTTP/1.x request smuggling vulnerabilities identified in the Pingora open source framework, particularly when deployed as an ingress proxy. It outlines the nature of...
How Advanced Browsing Protection Works in Messenger
The article discusses the implementation of Advanced Browsing Protection (ABP) in Messenger, focusing on the technical challenges and infrastructure necessary to protect user privacy while analyzing...
Stop reacting to breaches and start preventing them with User Risk Scoring
The article presents a proactive approach to cybersecurity by integrating User Risk Scoring into zero trust network access (ZTNA) policies. It outlines how Cloudflare One's platform allows security...
Always-on detections: eliminating the WAF “log versus block” trade-off
The article presents a novel approach to web application security through the introduction of always-on detections that eliminate the traditional trade-off between logging and blocking malicious...
Introducing the 2026 Cloudflare Threat Report
The 2026 Cloudflare Threat Report outlines significant shifts in the cybersecurity landscape, emphasizing the transition from brute force attacks to high-trust exploitation strategies employed by...
2025 Q4 DDoS threat report: A record-setting 31.4 Tbps attack caps a year of massive DDoS assaults
The 2025 Q4 DDoS threat report by Cloudflare reveals a significant escalation in DDoS attacks, with a record-setting attack of 31.4 Tbps marking a year of unprecedented assaults. The report...
Understanding AI Security
The article discusses the critical importance of AI security in protecting data, models, and infrastructure from various threats, including unauthorized access and data poisoning. It emphasizes the...
Technical Deep Dive: How we Created a Security-hardened 1-Click Deploy OpenClaw
The article discusses the development of a security-hardened 1-Click Deploy solution for OpenClaw, an open-source AI assistant. It emphasizes the importance of secure communications through TLS, the...
Technical Deep Dive: How we Created a Security-hardened 1-Click Deploy Moltbot
The article outlines the development of a security-hardened 1-Click Deploy solution for OpenClaw, an AI assistant, emphasizing the importance of secure deployment practices. It discusses the...
Securing the Grid: A Practical Guide to Cyber Analytics for Energy & Utilities
The article outlines the critical cybersecurity challenges faced by the Energy & Utilities sector, particularly due to the convergence of IT and operational technology (OT) systems. It emphasizes the...
React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques
The article discusses the React2Shell vulnerability (CVE-2025-55182), a critical Remote Code Execution (RCE) flaw affecting React Server Components (RSC). Following its disclosure, the Cloudforce One...