Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Artificial Intelligence

Cloudflare Introduces AI Security Solutions

Cloudflare introduces security products that use AI, protect AI, and defend against AI-enhanced phishing.

Cloudflare on Monday announced a series of new security products that leverage AI, protect AI solutions, or defend against AI-enhanced phishing.

To improve its customers’ analytics abilities, Cloudflare introduced an AI assistant in the Security Analytics section of its dashboard, to help identify anomalies and cyberattacks faster by eliminating the complexity of using multiple tools and filters.

The assistant leverages Cloudflare’s Workers AI to generate charts based on customer queries by applying filters and pooling the necessary data and logs in a single graph.

With the new AI assistant, the company says, customers can use natural language to get insights into their application security, such as spikes in traffic, the root cause of 5xx errors, identify bot attacks and unwanted automated traffic, and more.

Currently available in beta for Cloudflare’s business and enterprise customers, the solution only supports basic inquiries.

Another AI-powered solution that Cloudflare uses to improve security products is Defensive AI, a framework that leverages data generated by its network to improve protections against threats, including against AI-powered attacks.

“At Cloudflare, we use AI to increase the level of protection across all security areas, ranging from application security to email security and our Zero Trust platform. This includes creating customized protection for every customer for API or email security, or using our huge amount of attack data to train models to detect application attacks that haven’t been discovered yet,” the company says.

To protect APIs, Cloudflare is building API Anomaly Detection for API Gateway, which leverages ML to learn the business logic of applications and builds a model that it then uses to identify attacks. Customers can now sign up for the beta release of API Anomaly Detection.

Advertisement. Scroll to continue reading.

Cloudflare products such as Web Application Firewall (WAF), Email Security service, and Zero Trust rely on AI to identify cyberattacks, analyze phishing patterns, and identify anomalies in user behavior to create user risk scoring.

AI, however, is also being used to conduct cyberattacks, not only prevent them, especially in phishing, where generative AI solutions and LLMs have led to more personalized lures being delivered to potential victims.

According to Cloudflare, however, despite threat actors’ change in techniques, its preemptive scanning approach to detecting malicious emails allows it to keep customers and users protected.

“Even though the use of LLMs is a tool that attackers are deploying more frequently today, there will be others in the future, and we will be able to defend our customers from those threats as well,” Cloudflare says.

On Monday, Cloudflare also announced Firewall for AI, a solution meant to protect LLMs by detecting vulnerabilities, analyzing prompts submitted by users to identify potential abuse attempts, preventing denial of service attempts, and identifying sensitive information returned by the model.

Firewall for AI includes a series of tools already available in WAF, such as Rate Limiting and Sensitive Data Detection, along with a prompt validation feature meant to identify abuses such as prompt injection attempts, which is still under development.

“This new validation analyzes the prompt submitted by the end user to identify attempts to exploit the model to extract data and other abuse attempts. Leveraging the size of Cloudflare network, Firewall for AI runs as close to the user as possible, allowing us to identify attacks early and protect both end user and models from abuses and attacks,” the company says.

The Advanced Rate Limiting and Sensitive Data Detection features are already available for Cloudflare’s enterprise customers on the Application Security Advanced offering. Firewall for AI’s prompt validation feature will be released for all Workers AI users in the coming months.

Related: Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Related: Cloudflare Unveils New Secrets Management Solution

Related: Cloudflare Announces New Security Tools for Email, Applications, APIs

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Cody Barrow has been appointed the new CEO of threat intelligence company EclecticIQ.

Shay Mowlem has been named CMO of runtime and application security company Contrast Security.

Attack detection firm Vectra AI has appointed Jeff Reed to the newly created role of Chief Product Officer.

More People On The Move

Expert Insights

Related Content

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Artificial Intelligence

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

Application Security

Thinking through the good, the bad, and the ugly now is a process that affords us “the negative focus to survive, but a positive...

Artificial Intelligence

Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.