Cloudflare Dives Into AI Security


By: Mary Jander

Cloudflare is taking aim at a major enterprise concern with a spate of new products designed to protect information in generative AI (GenAI) applications. It’s a move that highlights the growing role of content delivery networks (CDNs) in AI processing and security.

"When new types of applications emerge, new types of threats follow quickly. That's no different for AI-powered applications," stated Matthew Prince, co-founder and CEO of Cloudflare, in a press release. Among these new threats are data injection, exfiltration, and the use of large language models (LLMs) to perform malefic, unauthorized actions.

To protect organizations from these threats, Cloudflare’s releasing a series of new products, which work in concert with its existing security services. Let’s take a closer look at each one.

A Firewall for AI Modeling Data

First up is Firewall for AI, a web application firewall (WAF) described in a blog by Cloudflare group product manager Daniele Molteni as “a protection layer that can be deployed in front of [LLMs] to identify abuses before they reach the models.” Firewall for AI can be used to protect models running on Cloudflare’s Workers AI platform, which runs AI inferencing powered by GPUs as a service on Cloudflare’s network. Cloudflare says the WAF will also run with similar third-party services.

The new solution also runs with Cloudflare’s AI Gateway, which offers analytics and other services for AI workloads. The AI Gateway, for instance, features Advanced Rate Limiting, which sets a threshold on the number of requests an application receives to prevent distributed denial of service (DDoS) attacks. Requests can be associated with IP address, country of origin, header, cookie, ASN, value of a particular aspect of the query, or JA3 fingerprint.

Firewall for AI scans each application programming interface (API) request containing an LLM prompt for abnormal patterns. Equipped with a Sensitive Data Detection set of rules, the WAF can detect the presence of credit card numbers and API keys in LLM outgoing responses to various queries. Cloudflare plans to add the ability to scope incoming requests as well to ensure that personally identifiable information (PII) isn’t fed into a model inadvertently.

There’s another key feature of Firewall for AI: a prompt analysis function that will be able to score an incoming prompt based on a scale of potential maliciousness. This feature is still in development, but Cloudflare promises a beta release “in the coming months” to Workers AI users.


A Defensive AI Stance

A second announcement is Defensive AI, a general term for a handful of new functions that incorporate AI in security. API Anomaly Detection, for example, uses machine learning (ML) to learn normal API requests in an AI application and tag requests that deviate from that behavior. This function is in development and will be added to Cloudflare’s existing API Gateway. Another feature, WAF Attack Score, uses ML to identify features of attack traffic and determine whether incoming traffic contains an attempt to bypass protection measures. Part of the standard Cloudflare WAF, WAF Attack Score has been made available to all business and enterprise customers.

Cloudflare's Email Security service analyzes email for phishing attacks using a model called Honeycomb to identify risky senders. Another model called Labyrinth uses ML to gather a list of legitimate email senders in order to nab attempts to “spoof” emails that come from suspicious domains but mention legitimate ones in the email body.

Cloudflare has also announced a Security Analytics AI Assistant to respond to natural language queries within the Workers AI platform. This tool can identify bots, identify root causes of specific errors, track which browsers are used in the network, and identify unwanted traffic to specific endpoints, among other things. The AI Assistant is being rolled out selectively to customers during March 2024 and will be available to all business and enterprise customers by month’s end, Cloudflare says.

A Powerful CDN Trend

Cloudflare’s announcements are notable because they are part of an ongoing cycle of security enhancements. Even as the company is expanding its capabilities for business customers, such as AI inferencing, it’s acting on the knowledge that security is fundamental to adoption of those features.

And Cloudflare isn’t alone. Competitor Fastly, for instance, announced this week that Australian automated payment processing company Monoova chose its services specifically for their security functions. “We were particularly impressed by Fastly’s capabilities in the areas of both API and web application security as well as in its DDoS protection and SOC expertise,” stated Monoova CTO Nicholas Tan in the announcement.

Futuriom Take: Cloudflare’s subtly technical additions to AI security reflect a crucial response to the growing adoption of CDN services for GenAI inference. Expect more security enhancements from Cloudflare and its competitors.