Application Security

Cloudflare Introduces Email Security Tools, Free WAF Ruleset, and API Gateway

Cloudflare Introduces Email Security Tools, Free WAF Ruleset, and API Gateway
Written by ga_dahmani
Cloudflare Introduces Email Security Tools, Free WAF Ruleset, and API Gateway

Cloudflare is bolstering its suite of web infrastructure and security offerings with a free web application firewall (WAF) managed ruleset service, a new API management gateway, and once it closes its recently announced acquisition of Area 1 Security, a suite of email tools designed to thwart phishing and malware attacks.

Cloudflare announced in late February that would pay $162 million to acquire Area 1that has developed a cloud-native security platform designed to use machine learning to detect and block phishing and malware attacks. The deal is expected to close early in the second quarter.

“Email remains one of the biggest security threats facing organizations of all sizes,” says Patrick Donahue, vice president of products at Cloudflare. “By adding Area 1 Security’s email security to our Zero Trust suite to stop phishing, malware, and business email compromise, we’re closing off one of the biggest security risks our customers have.”

The new email security tools will integrate with Cloudflare’s suite of zero-trust solutions and will be able to use email data to trigger additional security actions, such as automatically routing suspicious links through remote browser isolation or displaying email information. phishing within the recently launched Cloudflare Security Center.

The Cloudflare Security Center offers a single pane of glass to manage your IT assets, security risks, and vulnerabilities. With the addition of Area 1 capabilities, Cloudflare says its goal is to replace expensive and difficult-to-implement legacy email security solutions.

“Cloudflare and Area 1 will leverage each company’s extensive threat intelligence sources to improve the effectiveness of threat prevention,” says Patrick Sweeney, CEO of Area 1. “Area 1 intelligence typically identifies phishing campaigns 24 days before launch, which is the first time in the industry. With Cloudflare, we will extend this leadership within cloud-native email security solutions.

WAF Managed Free Ruleset

Area 1 capabilities were part of the slew of announcements Cloudflare made this week.

“Cloudflare has added a trifecta of robust security solutions, and given the state of the global cyber risk environment, the timing couldn’t be better,” says Gary McAlum, Analyst at TAG Cyber.

Cloudflare also revealed that it plans to provide a set of Cloudflare WAF (Web Application Firewall) managed rules to all its customers, free of charge.

Cloudflare offers a Free zone security plan, which allows organizations to use the basic services offered by the Cloudflare network of reverse proxy servers —servers that sit in front of an organization’s web servers and perform security and performance-enhancing tasks, such as detecting browser requests. Customers pay for more advanced services.

The new rule set, which provides rules to filter requests to web servers, will work in addition to the new Cloudflare rules. waffle Engine, first announced in March 2021.

“This will especially benefit small and medium-sized businesses (SMBs) that lack the staff and resources to deal with the upcoming Heartbleed or Log4j vulnerability, which are increasingly being targeted by cybercriminals,” says McAlum.

The rule set is designed to minimize false positives across a wide range of traffic types. Customers will be able to disable the rule set, if necessary, or configure the traffic filter or individual rules.

Upon release, the rule set will contain three types of mitigation rules:

  • Log4J rules matching payloads in URI and HTTP headers
  • concussion rules
  • Rules that match very common WordPress exploits

WAF rule sets are designed to protect against vulnerabilities arising from compromised or unpatched web applications. Upon deployment, if a specific rule matches a request to a web server, an event is fired on the Security Overview tab in the WAF UI dashboard, allowing users to inspect the request.

The new managed ruleset is designed to be a base-level WAF asset that Cloudflare will update whenever a relevant, wide-ranging vulnerability is discovered. Updates will be posted to the company’s changelogs for customers to view and implement directly when they become available.

To access the broader set of Cloudflare WAF rule sets (Cloudflare Managed Rules, Cloudflare OWASP Core Rule Set, and Cloudflare Leaked Credential Verification Rule Set) along with advanced WAF features, customers will need to upgrade to Pro plans or higher.

New API gateway powered by AI

As the final leg of the series of announcements, Cloudflare on Wednesday introduced a new api gateway to help its customers secure and control all their APIs (Application Programming Interfaces).

An API gateway is essentially a tool that sits between a client and a collection of back-end services that serves as a reverse proxy to accept all API calls, add services to fulfill the call, and then return the response to the API. requesting client.

“Cloudflare’s new API Gateway is designed to simplify the experience of managing and securing APIs,” says Donahue. “API traffic is automatically identified and marked for customers during the onboarding process. Because it is based on the same network that feeds all other Cloudflare services, there is no upper limit to the amount of traffic or requests that it is capable of handling.

The new gateway works with a combination of AI and machine learning engines to automatically detect new APIs and prevent threats. To this end, Cloudflare claims to learn from the 32 million requests per second served on its global edge to refine its API traffic model.

The model can identify threats, suggest speed limits based on observed traffic patterns, and create an API infrastructure scheme that works in real time to immediately adapt to new anomalies and traffic patterns, according to Donahue.

The features of the new API gateway iIncludes the ability to automatically detect unmanaged APIs; allow users to create and manage APIs directly with Cloudflare workers; supporting industry as well as Cloudflare authorization protocols; and route, log, and measure API requests.

“Cloudflare is raising the bar in one of the fastest growing areas we’ve seen, API security,” says McAlum. “With increased adoption of the public cloud, APIs continue to grow exponentially in number across the complicated web and mobile app ecosystem. The new gateway could provide a single hub that enables enterprises to quickly discover APIs they weren’t aware of and easily protect them in just a few clicks.”

Copyright © 2022 IDG Communications, Inc.

About the author


Leave a Comment