Cloudflare One introduces a unified data security vision spanning endpoints, SaaS, and AI prompts with several new enforcement features.
This article explains how Cloudflare implemented Dynamic Path MTU Discovery (PMTUD) in the Cloudflare One Client to eliminate silent packet drops caused by MTU mismatches on network paths.
Cloudflare rebuilt the proxy mode of the Cloudflare One Client by replacing WireGuard and smoltcp with QUIC-based direct L4 proxying to eliminate performance bottlenecks.
Cloudflare introduces Automatic Return Routing (ARR), a stateful tracking solution that resolves IP address overlap in enterprise private networks without NAT or VRF configuration.
This article introduces Cloudflare's always-on Attack Signature Detection framework that eliminates the traditional WAF trade-off between log visibility and block protection.
Cloudflare announces two new SASE tools—mandatory authentication and independent MFA—to close enforcement gaps in zero trust deployments.
This article discusses Cloudflare's partnership with Nametag to counter deepfake-enabled identity fraud and the growing "remote IT worker" threat through identity-verified zero trust onboarding.
Cloudflare introduces the Gateway Authorization Proxy, enabling identity-based traffic filtering for unmanaged devices without requiring client software installation.
Cloudflare introduces User Risk Scoring integrated into zero trust network access (ZTNA) policies on its Cloudflare One SASE platform.
Cloudflare evolved its Threat Intelligence Platform to eliminate ETL pipelines using a sharded, SQLite-backed Durable Objects architecture with GraphQL running at the edge.
Cloudflare's 2026 Threat Report details a shift from brute-force attacks to high-trust exploitation, measured by attacker Measure of Effectiveness (MOE).
This post explains how Cloudflare's LLM-powered 'Cloudy' layer translates complex ML security signals into clear, actionable human-readable guidance within Cloudflare One.
