Defensive AI: Cloudflare’s framework for defending against next-gen threats

Generative AI has become a powerful tool for both good and malicious purposes. It can enhance human productivity but also be used by attackers to create sophisticated phishing attacks and social engineering schemes. To combat these new challenges, Cloudflare developed Defensive AI, which uses data from its vast network to improve the effectiveness of security solutions across various areas such as application security, email security, and Zero Trust platform. One example is API Anomaly Detection for API Gateway, designed to protect APIs from attacks that aim to damage applications, take over accounts, or exfiltrate data. Another area where AI improves security is in the Web Application Firewall (WAF), which uses machine learning models to identify new malicious payloads and extend protection to undiscovered attacks. In email security, Cloudflare Email Security leverages AI models to analyze all parts of a phishing attack and determine risk. The company also introduced behavior-based user risk scoring for its Zero Trust security solution, which detects anomalies in users' behavior and signals that could lead to harm to the organization. Overall, Cloudflare is using AI to enhance various aspects of digital asset protection against evolving threats and bad actors.