Security Articles

Ariso.ai implemented HashiCorp Vault's Transit secrets engine for high-performance envelope encryption across 21 database tables in their multi-tenant AI assistant platform.

Google Cloud

03 min read

Security•2026-03-05

Make security simpler: Introducing the Google Cloud recommended security checklist

Google Cloud introduces a recommended security checklist based on Minimum Viable Secure Product (MVSP) principles to simplify cloud security management.

Look What You Made Us Patch: 2025 Zero-Days in Review

Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities exploited in-the-wild in 2025, highlighting structural shifts toward enterprise targeting and evolving threat actor techniques.

A QUICker SASE client: re-building Proxy Mode

Cloudflare rebuilt the proxy mode of the Cloudflare One Client by replacing WireGuard and smoltcp with QUIC-based direct L4 proxying to eliminate performance bottlenecks.

SASE

Proxying

Cloudflare Zero Trust

Zero Trust

Cloudflare One

Cloudflare One Client

A complete guide to GitLab Container Scanning

This article provides a complete guide to GitLab's five container scanning approaches for detecting vulnerabilities throughout the container lifecycle.

Cloudflare

31 min read

Security•2026-03-04

Always-on detections: eliminating the WAF “log versus block” trade-off

This article introduces Cloudflare's always-on Attack Signature Detection framework that eliminates the traditional WAF trade-off between log visibility and block protection.

Mind the gap: new tools for continuous enforcement from boot to login

Cloudflare announces two new SASE tools—mandatory authentication and independent MFA—to close enforcement gaps in zero trust deployments.

Security Week

Cloudflare Zero Trust

Stop reacting to breaches and start preventing them with User Risk Scoring

Cloudflare introduces User Risk Scoring integrated into zero trust network access (ZTNA) policies on its Cloudflare One SASE platform.

Cloudflare Zero Trust

Cloudflare One

Access

Cloudflare Access

Cloudflare One User Risk Score

Cloudflare

11 min read

Security•2026-03-04

Defeating the deepfake: stopping laptop farms and insider threats

This article discusses Cloudflare's partnership with Nametag to counter deepfake-enabled identity fraud and the growing "remote IT worker" threat through identity-verified zero trust onboarding.

SASE

Cloudflare Zero Trust

Moving from license plates to badges: the Gateway Authorization Proxy

Cloudflare introduces the Gateway Authorization Proxy, enabling identity-based traffic filtering for unmanaged devices without requiring client software installation.

SASE

Secure Web Gateway

Cloudflare Gateway

Cloudflare Zero Trust

GitLab

010 min read

Security•2026-03-04

How GitLab built a security control framework from scratch

GitLab's Security Compliance team built a custom control framework (GCF) after finding existing frameworks like NIST SP 800-53 inadequate for their multi-product, cloud-native environment.

Cloudflare

41 min read

Security•2026-03-03

Evolving Cloudflare’s Threat Intelligence Platform: actionable, scalable, and ETL-less

Cloudflare evolved its Threat Intelligence Platform to eliminate ETL pipelines using a sharded, SQLite-backed Durable Objects architecture with GraphQL running at the edge.