Browse past weeks of engineering reads.
How to automatically convert TypeScript workflow code into visual step diagrams for users to understand and interact with their workflows in the dashboard.
Italy's 'Piracy Shield' system forces Internet infrastructure providers like Cloudflare to block content at the network level without proper oversight or due process, leading to disproportionate overblocking of legitimate content.
Organizations struggle to discover and secure AI-powered applications across their infrastructure, especially shadow AI deployments that teams spin up without central oversight, creating security blind spots.
Standard defensive security tools miss logic flaws and vulnerabilities in APIs because they lack understanding of stateful API interactions and business logic flows.
Traditional bot-blocking approaches are insufficient for preventing account abuse (e.g., credential stuffing, fake account creation) because sophisticated attacks increasingly involve human-like behavior or actual humans, bypassing conventional bot detection.
Cloudflare's open-source Pingora proxy had request smuggling vulnerabilities when deployed as an ingress proxy, allowing attackers to exploit HTTP parsing discrepancies to bypass security controls and route malicious requests.
AI agents hitting Cloudflare error pages received heavyweight HTML responses that consumed excessive tokens and required brittle parsing, making automated error handling inefficient and costly.
The Cloudflare One SASE client's Proxy Mode relied on user-space TCP stacks for tunneling traffic, introducing significant overhead that limited throughput and increased latency for end users.
Organizations face fragmented data security across endpoints, network traffic, cloud applications, and AI prompts, making it difficult to enforce consistent data loss prevention (DLP) policies as data flows through diverse channels including RDP sessions and AI copilots.