All about Internet Measurement, Resilience, and Transparency
In this episode, host João Tomé talks with Marwan Fayed, Principal Scientist and Research Lead at Cloudflare, about the science behind understanding and improving the Internet.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Beyond IP lists: a registry format for bots and agents
As bots and agents start cryptographically signing their requests, there is a growing need for website operators to learn public keys as they are setting up their service. I might be able to find the public key material for well-known fetchers and crawlers, but what about the next 1,000 or next 1,000,000? And how do I find their public key material in order to verify that they are who they say they are? This problem is called discovery.
Anonymous credentials: rate-limiting bots and agents without compromising privacy
The way we interact with the Internet is changing. Not long ago, ordering a pizza meant visiting a website, clicking through menus, and entering your payment details. Soon, you might just ask your phone to order a pizza that matches your preferences. A program on your device or on a remote server, which we call an AI agent, would visit the website and orchestrate the necessary steps on your behalf.
Policy, privacy and post-quantum: anonymous credentials for everyone
The Internet is in the midst of one of the most complex transitions in its history: the migration to post-quantum (PQ) cryptography. Making a system safe against quantum attackers isn't just a matter of replacing elliptic curves and RSA with PQ alternatives, such as ML-KEM and ML-DSA. These algorithms have higher costs than their classical counterparts, making them unsuitable as drop-in replacements in many situations.
A Guide to Cloudflare Load Balancing Setup (Step-by-Step Walkthrough)
Setting up Cloudflare Load Balancing (LB) made easy! In this in-depth tutorial, we walk you through the essential pre-activation steps for Cloudflare Load Balancing. From understanding the core concepts to configuring your initial pools and health checks, this video covers everything you need to know to get started. If you're looking to improve your website's uptime, latency, and availability, this is the place to start.
Defending QUIC from acknowledgement-based DDoS attacks
On April 10th, 2025 12:10 UTC, a security researcher notified Cloudflare of two vulnerabilities (CVE-2025-4820 and CVE-2025-4821) related to QUIC packet acknowledgement (ACK) handling, through our Public Bug Bounty program. These were DDoS vulnerabilities in the quiche library, and Cloudflare services that use it. quiche is Cloudflare's open-source implementation of QUIC protocol, which is the transport protocol behind HTTP/3.
Keeping the Internet fast and secure: introducing Merkle Tree Certificates
The world is in a race to build its first quantum computer capable of solving practical problems not feasible on even the largest conventional supercomputers. While the quantum computing paradigm promises many benefits, it also threatens the security of the Internet by breaking much of the cryptography we have come to rely on. To mitigate this threat, Cloudflare is helping to migrate the Internet to Post-Quantum (PQ) cryptography.
Is Your Security Quantum-Ready?
Post-quantum cryptography is coming, and the impact on our defenses will be significant. That’s why NIST and the Australian Signals Directorate recommend being quantum ready by 2030. Threat actors could collect sensitive data today and decrypt it later, so preparation is critical.
Unlock Deeper Insights: Mastering Cloudflare Log Explorer for Better Security & Performance
Cloudflare Log Explorer is the native observability and forensics tool designed to give security teams and developers unparalleled, granular access to Cloudflare traffic logs directly within the dashboard. Key benefits include: Understanding your traffic patterns is fundamental to optimizing for peak performance and maintaining a robust security posture.
Securing agentic commerce: helping AI Agents transact with Visa and Mastercard
The era of agentic commerce is coming, and it brings with it significant new challenges for security. That’s why Cloudflare is partnering with Visa and Mastercard to help secure automated commerce as AI agents search, compare, and purchase on behalf of consumers. Through our collaboration, Visa developed the Trusted Agent Protocol and Mastercard developed Agent Pay to help merchants distinguish legitimate, approved agents from malicious bots.