During the recent Cloudflare Security Week 2025, the cloud provider announced various improvements to its cybersecurity services and multiple reports analyzing trends and challenges in security threats. Additionally, they announced AI Labyrinth, a new version of honeypots against unauthorized crawlers, and Cloudflare for AI, a suite of tools aimed at helping the adoption of secure AI technologies.
Released as one of the first announcements of Security Week 2025, Cloudflare revealed that organizations can now protect sensitive corporate network traffic from quantum threats by tunneling it through Cloudflare’s Zero Trust platform. Explaining why conventional cryptography is at risk, the team writes:
Organizations can tunnel their corporate network traffic though Cloudflare’s Zero Trust platform, protecting it against quantum adversaries without the hassle of individually upgrading each and every corporate application, system, or network connection.
Significant improvements were introduced to Cloudflare One, a SASE platform used by enterprise security and IT teams to manage the security of their employees, applications, and third-party tools. Cloudflare One users can now leverage the CASB (Cloud Access Security Broker) product to scan Amazon S3 and Google Cloud Storage, addressing posture and data loss prevention challenges. Alex Dunbrack and Michael Leslie explain how to detect sensitive data and misconfigurations in AWS and GCP using Cloudflare One:
Scanning both point-in-time and continuously, users can identify misconfigurations in Identity and Access Management (IAM), bucket, and object settings, and detect sensitive information, like Social Security numbers, credit card numbers, or any other pattern using regex, in cloud storage objects.
In another significant announcement, Cloudflare claimed enhanced security and simplified controls with automated botnet protection, cipher suite selection, and updates to the URL Scanner. Workers AI and the new AI Agents SDK facilitate the development and deployment of AI applications on Cloudflare’s network and are part of a suite of tools now called Cloudflare for AI.
AI Labyrinth is a new mitigation approach that uses AI-generated content to slow down, confuse, and drain the resources of AI crawlers and other bots that ignore “no crawl” directives. Jeremy Daly, director of research at CloudZero, writes:
I particularly liked their new AI Labyrinth product that “uses AI-generated content to slow down, confuse, and waste the resources of AI Crawlers and other bots that don’t respect ‘no crawl’ directives.” This likely falls into the “what could possibly go wrong?” category that ends up wasting an enormous amount of power by letting AI bots get trapped in endless loops. Even worse, the crawlers could actually train themselves on AI generated content and we end up with model collapse.
In a popular Hacker News thread, many users express similar concerns. Glauco Júnior Carvalho, senior software developer, writes instead:
As AI continues to evolve, the balance between openness and control will remain a key challenge. Tools like AI Labyrinth offer a glimpse into how that balance can be reshaped, not just with firewalls and filters, but with clever mazes that send scrapers chasing shadows.
Source: Cloudflare blog
During the week, the company shared key metrics collected from their global network: based on Cloudflare’s observed traffic between September and November, 41% of successful logins involved compromised passwords. Radwa Radwan, product manager at Cloudflare, and Sabina Zejnilovic, data scientist at Cloudflare, warn that the pervasive issue of password reuse is enabling automated bot attacks on a massive scale:
This percentage represents hundreds of millions of daily authentication requests, originating from both bots and humans. While not every attempt succeeds, the sheer volume of leaked credentials in real-world traffic illustrates how common password reuse is.
Source: Cloudflare blog
Jen Sells explains how Cloudflare enables native monitoring and forensics with Log Explorer and custom dashboards, with seven additional Cloudflare product datasets now available in Log Explorer, including Access, Gateway DNS, and Gateway HTTP. Custom dashboards can be used to monitor suspicious activity, performance, and errors across customer domains.
Source: Cloudflare blog
Finally, Cloudflare reports progress in boosting MFA adoption with the addition of Apple and Google social logins.
