Security - Code Locket

Locking down your JavaScript: positive blocking with Page Shield policies

Blog post created on 2023-03-13

How Cloudflare can help stop malware before it reaches your app

Blog post created on 2023-01-04

Black Hat MEA 2022: Cloudflare Application Security trends

Talk given on 2022-11-15

Page Shield can now watch for malicious outbound connections made by third-party JavaScript code

Blog post created on 2022-10-21

The Future of Page Rules: putting more power in the hands of users

Blog post created on 2022-09-27

Cloudflare named a Leader in WAF by Forrester

Blog post created on 2022-09-27

Account level WAF + Adaptive DDoS Protection and Advanced DDoS Alerts

Blog post created on 2022-09-20

Cloudflare named a Leader by Gartner

Blog post created on 2022-09-06

Cloudflare observations of Confluence zero day (CVE-2022-26134)

Blog post created on 2022-06-05

WAF mitigations for Spring4Shell

Blog post created on 2022-03-31

Application security: Cloudflare’s view

Blog post created on 2022-03-21

A discussion about Log4J

Blog post created on 2022-03-18

Cloudflare Page Shield: One Quarter In

Blog post created on 2022-03-17

Bots: The Good, The Bad, and The Ugly

Blog post created on 2022-03-16

WAF for everyone: protecting the web from high severity vulnerabilities

Blog post created on 2022-03-15

Welcome to Security Week 2022!

Blog post created on 2022-03-13

CIO Week: Page Shield, UDP and Private DNS, k8s and Tunnels

Talk given on 2021-12-08

Page Shield is generally available

Blog post created on 2021-12-08

Get notified when your site is under attack

Blog post created on 2021-12-03

Helping Apache Servers stay safe from zero-day path traversal attacks (CVE-2021-41773)

Blog post created on 2021-09-08

How Cloudflare helped mitigate the Atlassian Confluence OGNL vulnerability before the PoC was released

Blog post created on 2021-08-09

Account Takeover Protection and WAF mitigations to help stop Global Brute Force Campaigns

Blog post created on 2021-07-01

End User Security: Account Takeover Protections with Cloudflare

Blog post created on 2021-03-30

A New Cloudflare Web Application Firewall

Blog post created on 2021-03-29

How to Ensure You're Launching the Most Secure Website

Talk given on 2021-03-04

Latest from Product and Engineering 2020 - WAF

Talk given on 2020-12-16

Encrypting your WAF Payloads with Hybrid Public Key Encryption (HPKE)

Blog post created on 2020-12-11

How robust is your organisation's cyber resilience?

Talk given on 2020-09-26

Miscellaneous Web Security Cloudflare

Ask a Solutions Engineer

Talk given on 2020-06-10

CVE-2020-5902: Helping to protect against the F5 TMUI RCE vulnerability

Blog post created on 2020-07-07

SYN Flood Basics

Blog post created on 2019-11-30

Python DDoS Security

Security Architecture in a Post VPN Landscape

Talk given on 2019-11-07

Modern DDoS Trends

Talk given on 2019-10-15

DDoS Security

The Zero Trust Concept

Talk given on 2018-06-07

(D)DoS Attacks

Talk given on 2018-02-06

Python DDoS Security

DNS Amplification Basics

Blog post created on 2018-02-04

Python DDoS Security

DDoS Attack Mitigation at Scale

Talk given on 2017-06-08

DDoS Security

Token Authentication for Cached Private Content and APIs

Blog post created on 2017-01-10