Mind the gap: new tools for continuous enforcement from boot to login 2026-03-04 Alex Holland Shahed El Baba Yi Huang Rhett Griggs One of our favorite ask-me-anything questions for company meetings or panels at security conferences is the classic: “What keeps you up at night?” F…
The truly programmable SASE platform 2026-03-02 Abe Carryl Every organization approaches security through a unique lens, shaped by their tooling, requirements, and history. No two environments look the same, and none stay static for long. We believe the platforms that protect th…
Beyond the blank slate: how Cloudflare accelerates your Zero Trust journey 2026-03-02 Michael Koyfman In the world of cybersecurity, "starting from scratch" is a double-edged sword. On one hand, you have a clean slate; on the other, you face a mountain of configurations, best pr…
Modernizing with agile SASE: a Cloudflare One blog takeover 2026-03-02 Warnessa Weaver Yumna Moazzam Return to office has stalled for many, and the “new normal” for what the corporate network means is constantly changing. In 2026, your office may be a coffee shop, your workforce…
ASPA: making Internet routing more secure 2026-02-27 Mingwei Zhang Bryton Herdes Internet traffic relies on the Border Gateway Protocol (BGP) to find its way between networks. However, this traffic can sometimes be misdirected due to configuration errors or malicious actions. Wh…
Bringing more transparency to post-quantum usage, encrypted messaging, and routing security 2026-02-27 David Belson Mingwei Zhang André Jesus Suleman Ahmad Sabina Zejnilovic Thibault Meunier Mari Galicer Cloudflare Radar already offers a wide array of security insights — from ap…
Cloudflare One is the first SASE offering modern post-quantum encryption across the full platform 2026-02-23 Sharon Goldberg Amos Paul David Gauch During Security Week 2025, we launched the industry’s first cloud-native post-quantum Secure Web Gateway (SWG) and Zero Trust soluti…
2025 Q4 DDoS threat report: A record-setting 31.4 Tbps attack caps a year of massive DDoS assaults 2026-02-05 Omer Yoachimik Jorge Pacheco Cloudforce One Welcome to the 24th edition of Cloudflare’s Quarterly DDoS Threat Report. In this report, Cloudforce One offers a comprehensi…
How we mitigated a vulnerability in Cloudflare’s ACME validation logic 2026-01-19 Hrushikesh Deshpande Andrew Mitchell Leland Garofalo This post was updated on January 20, 2026. On October 13, 2025, security researchers from FearsOff identified and reported a vulnerability in Cl…
Kakao developed YEYE, a dedicated Attack Surface Management (ASM) system, to proactively identify and manage the organization's vast digital footprint, including IPs, domains, and open ports. By integrating automated scanning with a human-led Daily Security Review (DSR) process, the platform transforms raw asset data into actionable security intelligence. This holistic approach ensures that potential entry points are identified and secured before they can be exploited by external threats.
## The YEYE Asset Management Framework
* Defines attack surfaces broadly to include every external-facing digital asset, such as subdomains, API endpoints, and mobile APKs.
* Categorizes assets using a standardized taxonomy based on scope (In/Out/Undefined), type (Domain/IP/Service), and identification status (Known/Unknown/3rd Party).
* Implements a labeling system that converts diverse data formats from multiple sources into a simplified, unified structure for better visibility.
* Establishes multi-dimensional relationships between assets, CVEs, certificates, and departments, allowing teams to instantly identify which business unit is responsible for a newly discovered vulnerability.
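The labeling and relationship mapping described in this list, as an added Python sketch that is not Kakao's code. The taxonomy values are the ones listed above; the feed formats, the ownership register, the labeling rules, the example hosts and the placeholder CVE id are all assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from enum import Enum
from typing import Optional

# Taxonomy values come from the list above; every other name here is hypothetical.
Scope = Enum("Scope", {"IN": "In", "OUT": "Out", "UNDEFINED": "Undefined"})
AssetType = Enum("AssetType", {"DOMAIN": "Domain", "IP": "IP", "SERVICE": "Service"})
Status = Enum("Status", {"KNOWN": "Known", "UNKNOWN": "Unknown", "THIRD_PARTY": "3rd Party"})

@dataclass(frozen=True)
class Asset:
    key: str
    type: AssetType
    scope: Scope
    status: Status
    department: Optional[str]
    cves: tuple = ()

# Constructed sample data: an ownership register and two feeds in different shapes.
REGISTER = {"shop.example.com": "Commerce", "192.0.2.10": "Platform"}
ORG_SUFFIX, ORG_NET = ".example.com", ipaddress.ip_network("192.0.2.0/24")
VENDOR_NET = ipaddress.ip_network("198.51.100.0/24")
DNS_FEED = [{"fqdn": "Shop.Example.com."}, {"fqdn": "dev-test.example.com"}]
PORT_FEED = [{"ip": "192.0.2.10", "port": 443, "cves": ["CVE-PLACEHOLDER-1"]},
             {"ip": "198.51.100.7", "port": 8080, "cves": ["CVE-PLACEHOLDER-1"]}]

def label(key, host, type_, ours, vendor=False, cves=()):
    """Assumed rules: registered -> Known; vendor range -> 3rd Party/Out; else Unknown."""
    owner = REGISTER.get(host)
    status = Status.KNOWN if owner else Status.THIRD_PARTY if vendor else Status.UNKNOWN
    scope = Scope.IN if owner or ours else Scope.OUT if vendor else Scope.UNDEFINED
    return Asset(key, type_, scope, status, owner, tuple(cves))

def normalize():
    """Convert both feed formats into one list of labelled Asset records."""
    assets = []
    for rec in DNS_FEED:
        host = rec["fqdn"].rstrip(".").lower()
        assets.append(label(host, host, AssetType.DOMAIN, host.endswith(ORG_SUFFIX)))
    for rec in PORT_FEED:
        ip = ipaddress.ip_address(rec["ip"])
        assets.append(label(f"{ip}:{rec['port']}", str(ip), AssetType.SERVICE,
                            ip in ORG_NET, ip in VENDOR_NET, rec["cves"]))
    return assets

def owners_for_cve(assets, cve):
    """Asset -> responsible department for one CVE (None means no registered owner)."""
    return {a.key: a.department for a in assets if cve in a.cves}
```

An asset that comes out in scope but with status Unknown, such as `dev-test.example.com` in the sample, is the kind of unregistered deployment a manual review would pick up.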
## Daily Security Review (DSR)
* Operates on the principle that "security is a process, not a product," bridging the gap between automated detection and manual remediation.
* Utilizes a rotating group system where security engineers review external feeds, public vulnerability news, and YEYE alerts every morning.
* Focuses on detecting "shadow IT" or assets deployed without formal security reviews to ensure all external touchpoints are accounted for.
## Scalable and Efficient Scanning Architecture
* Resolved internal network bandwidth bottlenecks by adopting a hybrid infrastructure that leverages public cloud resources for high-concurrency scanning tasks.
* Developed a custom distributed scanning structure using schedulers and queues to manage multiple independent workers, overcoming the limitations of single-process open-source scanners.
* Optimized infrastructure costs by identifying the "sweet spot" in server specifications, favoring the horizontal expansion of medium-spec servers over expensive, high-performance hardware.
* Mitigates service impact and false alarms by using fixed IPs and custom User-Agent (UA) strings, allowing service owners to distinguish YEYE’s security probes from actual malicious traffic.
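How a service owner might use the fixed IPs and custom User-Agent from the last point when triaging access logs, as an added example that is not part of YEYE. The scanner IPs, the UA string and the log lines are constructed assumptions; the check requires both signals because a User-Agent header alone is client-controlled.

```python
import ipaddress
import re

# Assumed values: the scanner's published fixed egress IPs and UA token (hypothetical).
SCANNER_IPS = {ipaddress.ip_address("192.0.2.50"), ipaddress.ip_address("192.0.2.51")}
SCANNER_UA = "asm-scanner/1.0"

# Combined log format: ip ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$')

# Constructed sample log lines.
SAMPLE = [
    '192.0.2.50 - - [01/Jan/2026:09:00:01 +0900] "GET /admin HTTP/1.1" 404 153 "-" "asm-scanner/1.0 (+security-team)"',
    '203.0.113.9 - - [01/Jan/2026:09:00:02 +0900] "GET /admin HTTP/1.1" 404 153 "-" "asm-scanner/1.0 (+security-team)"',
    '203.0.113.9 - - [01/Jan/2026:09:00:03 +0900] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '192.0.2.51 - - [01/Jan/2026:09:00:04 +0900] "GET / HTTP/1.1" 200 512 "-" "curl/8.0"',
    'not a log line',
]

def classify(line):
    """Label one access-log line by whether it matches the sanctioned scanner."""
    m = LOG_RE.match(line)
    if not m:
        return "unparsed"
    try:
        ip = ipaddress.ip_address(m["ip"])
    except ValueError:
        return "unparsed"
    from_scanner_ip = ip in SCANNER_IPS
    claims_scanner_ua = SCANNER_UA in m["ua"]
    if from_scanner_ip and claims_scanner_ua:
        return "sanctioned-scan"           # safe to suppress alerts for this request
    if claims_scanner_ua:
        return "spoofed-ua"                # UA matches but source IP does not: investigate
    if from_scanner_ip:
        return "scanner-ip-unexpected-ua"  # scanner host sending non-scanner traffic
    return "other"

def classify_all(lines):
    """Classify every line, preserving input order."""
    return [classify(line) for line in lines]
```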
To effectively manage a growing attack surface, organizations should combine automated asset discovery with a structured manual review process. Prioritizing data standardization and relationship mapping between assets and vulnerabilities is essential for rapid incident response and long-term infrastructure hardening.