{"id":92081,"date":"2023-05-24T20:29:26","date_gmt":"2023-05-24T20:29:26","guid":{"rendered":"https:\/\/www.techrepublic.com\/?p=4099099"},"modified":"2023-05-24T20:29:26","modified_gmt":"2023-05-24T20:29:26","slug":"cloudflare-releases-new-ai-security-tools-with-cloudflare-one","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=92081","title":{"rendered":"Cloudflare releases new AI security tools with Cloudflare One"},"content":{"rendered":"
\"A
Image: Alexander\/Adobe Stock<\/figcaption><\/figure>\n

Cloudflare announced<\/a> on May 15, 2023 a new suite of zero-trust security tools for companies to leverage the benefits of AI<\/a> technologies while mitigating risks. The company integrated the new technologies to expand its existing Cloudflare One product, which is a secure access service edge zero trust network-as-a-service platform.<\/p>\n

The Cloudflare One platform\u2019s new tools and features are Cloudflare Gateway, service tokens, Cloudflare Tunnel, Cloudflare Data Loss Prevention and Cloudflare\u2019s cloud access security broker.<\/p>\n

\u201cEnterprises and small teams alike share a common concern: They want to use these AI tools without also creating a data loss incident,\u201d Sam Rhea, the vice president of product at Cloudflare, told TechRepublic.<\/p>\n

He explained that AI innovation is more valuable to companies when they help users solve unique problems. \u201cBut that often involves the potentially sensitive context or data of that problem,\u201d Rhea added.<\/p>\n

Jump to:<\/p>\n

What\u2019s new in Cloudflare One: AI security tools and features<\/h2>\n

With the new suite of AI security tools, Cloudflare One now allows teams of any size to safely use the excellent tools without management headaches or performance challenges. The tools are designed for companies to gain visibility into AI and measure AI tools\u2019 usage, prevent data loss and manage integrations.<\/p>\n

Cloudflare Gateway<\/h3>\n

With Cloudflare Gateway<\/a>, companies can visualize all the AI apps and services employees are experimenting with. Software budget decision-makers can leverage the visibility to make more effective software license purchases.<\/p>\n

In addition, the tools give administrators critical privacy and security information, such as internet traffic and threat intelligence visibility, network policies, open internet privacy exposure risks and individual devices\u2019 traffic (Figure A<\/strong>).<\/p>\n

Figure A<\/strong><\/p>\n

\"Cloudflare
Cloudflare Shadow IT dashboard reveals what applications and services workers are using that have not been officially approved by the company. Image: Cloudflare<\/figcaption><\/figure>\n

Service tokens<\/h3>\n

Some companies have realized that in order to make generative AI more efficient and accurate, they must share training data with the AI and grant plugin access to the AI service. For companies to be able to connect these AI models with their data, Cloudflare developed service tokens<\/a>.<\/p>\n

Service tokens give administrators a clear log of all API requests and grant them full control over the specific services that can access AI training data (Figure B<\/strong>). Additionally, it allows administrators to revoke tokens easily with a single click when building ChatGPT<\/a> plugins for internal and external use.<\/p>\n

Figure B <\/strong><\/p>\n

\"Cloudflare
Cloudflare service tokens dashboard. Image: Cloudflare<\/figcaption><\/figure>\n

 <\/em><\/p>\n

Once service tokens are created, administrators can add policies that can, for example, verify the service token, country, IP address or an mTLS certificate. Policies can be created to require users to authenticate, such as completing an MFA prompt before accessing sensitive training data or services.<\/p>\n

Cloudflare Tunnel<\/h3>\n

Cloudflare Tunnel<\/a> allows teams to connect the AI tools with the infrastructure without affecting their firewalls. This tool creates an encrypted, outbound-only connection to Cloudflare\u2019s network, checking every request against the configured access rules (Figure C<\/strong>).<\/p>\n

Figure C<\/strong><\/p>\n

\"Cloudflare
Cloudflare Tunnel creation dashboard. Image: Cloudflare<\/figcaption><\/figure>\n

Cloudflare Data Loss Prevention<\/h3>\n

While administrators can visualize, configure access, secure, block or allow AI services using security and privacy tools, human error can also play a role in data loss, data leaks or privacy breaches. For example, employees may accidentally overshare sensitive data with AI models by mistake.<\/p>\n

Cloudflare Data Loss Prevention<\/a> secures the human gap with pre-configured options that can check for data (e.g., Social Security numbers, credit card numbers, etc.), do custom scans, identify patterns based on data configurations for a specific team and set limitations for special projects.<\/p>\n

Cloudflare\u2019s cloud access security broker<\/h3>\n

In a recent blog post<\/a>, Cloudflare explained that new generative AI plugins such as those offered by ChatGPT provide many benefits but can also lead to unwanted access to data. Misconfiguration of these applications can cause security violations.<\/p>\n

Cloudflare\u2019s cloud access security broker<\/a> is a new feature that gives enterprises comprehensive visibility and control over SaaS apps. It scans SaaS applications for potential issues such as misconfigurations and alerts companies if files are accidentally made public online. Cloudflare is working on new CASB integrations, which will be able to check for misconfigurations on new popular AI services such as Microsoft\u2019s Bing<\/a>, Google\u2019s Bard<\/a> or AWS Bedrock<\/a>.<\/p>\n

The global SASE and SSE market and its leaders<\/h2>\n

Secure access service edge and security service edge solutions have become increasingly vital as companies migrated to the cloud and into hybrid work models. When Cloudflare was recognized by Gartner for its SASE technology, the company detailed in a press release<\/a> the difference between both acronyms by explaining SASE services extend the definition of SSE to include managing the connectivity of secured traffic.<\/p>\n