Improve your site with free and paid apps:

Cloudflare Developer Fund

Cloudflare and world class investment firms invest $100 Million to deliver powerful tools for the Internet. The Cloudflare Developer Fund is looking for companies that are building apps on Cloudflare’s platform.

Prevent Customer Data Breach

Protect applications from attacks resulting in sensitive customer data compromise

A data compromise can result in the leak of sensitive customer information, such as credit cards, passwords, and other personally identifiable information (PII), from an application's data store. Attackers often use several attack vectors when attempting to compromise customer data, such as DNS spoofing, snooping of data in transit, brute force login attempts, or malicious payload exploits.

The global cost of a data breach on average, per lost or stolen record, is $141 in 2017, and the average total cost of a data breach in the US is $3.62 million. With heightened scrutiny by governments and media, companies are facing severe repercussions from even the smallest data compromise. Business impacts include lost customers and revenues, degraded trust, damaged brand, or regulatory penalties.

Websites and applications require the resilience and intelligence of a scalable network to combat the most sophisticated and newest attacks. Protecting against threats should not degrade performance caused by security induced latencies, and security services must be easy to configure to eliminate misconfigurations, which introduce new vulnerabilities.

Contact Our Team
UK callers: +44 (0)20 3514 6970
Singapore callers: +65 3158 3954
International callers: +1 (650) 319 8930
Related Products

Shared Network Intelligence

With every new Internet property, Cloudflare’s network becomes smarter. Cloudflare’s IP reputation database identifies and blocks new and evolving threats across all 6 million properties on the network.

Layered Security Defense

Reduce the risk of data compromise through a layered security defense against multiple attack vectors using DNSSEC, SSL/TLS encryption, web application firewall (WAF), and rate limiting.

No Performance Tradeoffs

Eliminate security related performance trade-offs by integrating with Cloudflare’s included Performance Services, including CDN, smart routing, website optimizations, and the latest web standards.

Common Data Breach Types and Prevention

DNS spoofing diagram

DNS Spoofing

A compromised DNS record, or "poisoned cache," can return a malicious answer from the DNS server, sending an unsuspecting visitor to an attacker's website. This enables attackers to steal user credentials and take ownership of legitimate accounts.

Cloudflare Solution

DNSSEC verifies DNS records using cryptographic signatures. By checking the signature associated with a record, DNS resolvers can verify that the requested information comes from its authoritative name server and not a man-in-the-middle attacker.

Snooping Data diagram

Snooping of Data In-Transit

Attackers can intercept or “snoop" on unencrypted customer sessions to steal sensitive customer data, including credentials such as passwords or credit-cards numbers.

Cloudflare Solution

Fast SSL / TLS encryption at the edge of Cloudflare’s network, automated certificate management, and support for the latest security standards enable the secure transmission of sensitive customer data without fear of exposure.

Brute Force Login Attempts diagram

Brute Force Login Attempts

Attackers can wage "dictionary attacks" by automating logins with dumped credentials to brute force their way through a login-protected page.

Cloudflare Solution

Cloudflare offers granular control through Rate Limiting to detect and block hard-to-detect attacks at the network edge, defined by custom rules that set request thresholds, timeout periods, and response codes.

Malicious Payload Exploits diagram

Malicious Payload Exploits

Attackers can exploit application vulnerabilities though malicious payloads. The most common forms include SQL injections, cross-site scripting, and remote file inclusions. Each of these can expose sensitive data by running malicious code on applications.

Cloudflare Solution

Automatically filter out illegitimate traffic targeting the application layer through web application firewall (WAF) rulesets, including GET and POST-based HTTP requests. Enable pre-built rulesets such as OWASP Top 10 and Cloudflare application-specific. Build rulesets to specify types of traffic to block, challenge, or let through.

As an insurance broker we have to prove that we take adequate precautions to prevent unauthorized access to our data. By allowing Cloudflare as the single user of our private cloud, we’ve eliminated entire classes of threat vectors and made our security that much simpler to prove."
MARTIN BAILEY
CTO, President, & Co-Founder
mitigate DDoS attacks diagram

Mitigate DDoS Attacks

Protect applications, websites, and APIs from malicious traffic targeting network and application layers, to maintain availability and performance, while containing operating costs.

Block Malicious Bot Abuse diagram

Block Malicious Bot Abuse

Block abusive bots from damaging Internet properties through content scraping, fraudulent checkout, and account takeover.

Trusted by over 6,000,000 customers

Cloudflare Features

Cloudflare protects all Internet assets on its network, while eliminating security-related performance trade-offs through its suite of performance improving functionalities.

Performance

Cloudflare Performance Services help to speed up Internet assets, resulting in better SEO, reduced customer churn, increased conversions, and improved visitor experiences.

  • Content Delivery Network (CDN)

    With 118 data centers across 57 countries, Cloudflare’s Anycast CDN caches static content at the edge, reducing latency by delivering assets as close as geographically possible to visitors.
  • Website Optimizations

    Cloudflare includes a suite of web optimizations to improve the performance of Internet assets. Optimizations include the latest web standards, such as HTTP/2 and TLS 1.3, as well as proprietary enhancements for images and mobile device visitors.
  • DNS

    Cloudflare is the fastest managed DNS provider in the world, routing over 38% of all global DNS traffic. Cloudflare has multiple ways to achieve maximum performance for online assets.
  • Load Balancing

    Cloudflare Load Balancing provides load balancing, geo-steering, monitoring and failover for single, hybrid-cloud, and multi-cloud environments, enhancing performance and availability.
  • Argo Smart Routing

    Argo Smart Routing improves Internet asset performance on average of 35% by routing visitors through the least congested and most reliable paths on Cloudflare's private network.
  • Railgun

    Railgun compresses previously uncacheable web objects up to 99.6% by leveraging techniques similar to those used in the compression of high-quality video. This results in an average 200% additional performance increase.
  • Stream

    Cloudflare Steam makes streaming video easy by handling data storage, media encoding, content embedding and playing, regional delivery, and analytics.

Security

Cloudflare Security Services help to reduce the risk of losing customers, revenues, and trustworthiness of brand by protecting against DDoS attacks, abusive bots, and data compromise.

  • Anycast Network

    With 118 data centers across 57 countries and 10 Tbps of capacity, Cloudflare’s Anycast network absorbs distributed attack traffic by dispersing it geographically, while keeping Internet properties available and performant.
  • DNSSEC

    DNSSEC is the Internet’s non-spoofable caller ID. It guarantees a web application’s traffic is safely routed to the correct servers so that a site’s visitors are not intercepted by a hidden “man-in-the-middle” attacker.
  • Web Application Firewall (WAF)

    Cloudflare’s enterprise-grade web application firewall (WAF) detects and block common application layer vulnerabilities at the network edge, utilising the OWASP Top 10, application-specific and custom rulesets.
  • Rate Limiting

    Rate Limiting protects critical resources by providing fine-grained control to block or qualify visitors with suspicious request rates.
  • SSL / TLS

    Transport Security Layer (TLS) encryption enables HTTPS connections between visitors and origin server(s), preventing man-in-the-middle attacks, packet sniffing, the display of web browser trust warnings, and more.
  • Secure Registrar

    Cloudflare is an ICANN accredited registrar, protecting organizations from domain hijacking with high-touch, online and offline verification for any changes to a registrar account.
  • Orbit

    Cloudflare Orbit solves security-related issues for Internet of Things devices at the network level.
  • Warp

    Automatically secure, accelerate, route, and load balance applications and services without directly exposing them to the internet.
  • Workers

    Cloudflare Workers let developers run JavaScript Service Workers in Cloudflare's 118 data centers around the world.