How Cloudy translates complex security into human action

Cloudflare's Cloudy is a powerful LLM-powered explanation tool integrated into Cloudflare One, designed to translate complex security telemetry into human-readable guidance for security teams and end users. It enhances decision-making and reduces unnecessary noise by providing clear, contextual explanations of why an email is flagged or a SaaS issue is detected. Initially launched for email security, Cloudy helps end users understand the reasoning behind message classifications like Malicious or Suspicious, addressing the gap left by traditional security awareness training. This reduces the burden on security operations centers (SOC) by preventing unnecessary escalations. Cloudy is also applied to Cloudflare's CASB, offering structured explanations for security findings across SaaS environments, allowing administrators to quickly understand risks and prioritize remediation. The tool is built on Cloudflare's privacy-first infrastructure, ensuring data protection while leveraging AI for real-time feedback. Cloudflare plans to expand Cloudy's capabilities further, aiming to integrate it more deeply into daily workflows and enhance collaboration between users and SOC teams.