Governance & Risk Management
Cloudflare’s Zero Trust Platform Offers More Robust Threat Intel, Network Discovery
Cloudflare is integrating its recent email and cloud security acquisitions with native data security and network discovery capabilities in a bid to dominate the market for zero trust.
It’s been less than two years since the San Francisco-based internet infrastructure company rolled out Cloudflare One and already more than 15% of its 140,000 paying customers use at least part of the zero trust network-as-a-service platform.
The enhancement will fill gaps in the company’s secure access service edge offering, co-founder and CEO Matthew Prince tells Information Security Media Group.
Prince wants to further increase Cloudflare’s wallet share with existing customers and sees an opening with the growing popularity of zero trust products. “More and more companies are starting actually with zero trust and then working in the other direction” to DDoS mitigation and web application firewalls, Prince says. “I like the fact that we can grow in both directions.”
The Need for CASB and Email Security
Cloudflare has built out its SASE stack by buying cloud access security broker startup Vectrix for $17.4 million in February to detect and mitigate issues around file sharing and user permissions. In April, Cloudflare purchased email security vendor Area 1 Security for $162 million, which Prince says was driven by the strength of Area 1’s cloud product, threat intelligence capability and channel operation.
Close alignment between the company’s reverse proxy service and its data loss prevention tool allows Cloudflare One to scan packets as they flow through the network at line-rate speed. Cloudflare can ingest data from third-party threat intelligence platforms into its data loss prevention system.
Cloudflare has opted to offer its private network discovery capabilities as a stand-alone product so that customers can better understand what’s running on their networks and how services are being used and consumed. Prince says the network discovery capability had been built into Cloudflare’s secure web gateway product, but has been broken out into its own tool to ensure customers don’t have gaps.
‘Great Companies Do Many Things’
Cloudflare’s growth as a cybersecurity company hasn’t come without its challenges. Gartner in February excluded the company from its first Security Service Edge Magic Quadrant, dinging Cloudflare for not offering API integrations around its cloud access security broker technology.
Prince tells ISMG he’s not especially worried. “What we measure is not where we start but how much every year we move up and to the right on those reports. “We won’t be satisfied until we are the clear leader in the space.”
Prince expects Cloudflare to be the largest zero trust vendor in the world thanks to the amount of network traffic the company can handle and the tight integration between the company’s forward proxy and reverse proxy services. Cloudflare One’s Zero Trust platform makes it easy for clients to inspect packets, stop threats from coming through and understand what’s going on across their network, Prince says.
“I think great companies do many things,” Prince says. “A lot of people know Cloudflare for some of the things that we started out as, but I think the fact that we’ve got the network that we do has allowed us to expand into a number of different markets. And we intend to be the best of breed across all of those different categories.”
From a metrics standpoint, Prince says the company is focused on customer adoption of new Cloudflare One features. The company is typically able to determine how much adoption there is from the existing customer base by looking at the total amount of network traffic that’s flowing through the network. Cloudflare One can boost security while actually improving rather than taking away from performance.
“We think that we can be the fastest, the easiest to use, the most secure and have the highest ROI of anyone in the space,” Prince says.