Cloudflare Enhances WAF with New Features for AI Protection
Cloudflare has recently bolstered its Web Application Firewall (WAF) with a new feature called Firewall for AI, aimed at safeguarding AI models, particularly large language models (LLMs), from exploitation.
Image for illustrative purposes
The Firewall for AI capability is tailored for applications utilizing LLMs and includes a suite of tools within the WAF to analyze prompts submitted and detect any exploitation attempts. According to a Cloudflare spokesperson, this feature is deployment-agnostic and can be used in front of models hosted on Cloudflare Workers AI or any third-party infrastructure, as long as the traffic is routed through Cloudflare WAF.
Customers will have the flexibility to configure and manage Firewall for AI through the WAF control plane. Cloudflare Workers AI, an open AI inference-as-a-service platform, enables developers to execute machine learning models on the Cloudflare network from their own code.
Protection against DoS and Data Leakage
The new Firewall for AI offering is specifically designed for customers running AI on Cloudflare Workers AI to mitigate risks such as prompt injection and data leakage. It scans and assesses prompts submitted by users to prevent model exploitation and data extraction attempts.
The capability leverages a mix of heuristics and proprietary AI layers to evaluate prompts, identify abuses, and mitigate threats. The Cloudflare spokesperson mentioned, “Firewall for AI will protect against Model Denial of Service and Sensitive Information Disclosure, utilizing tools available to all customers as part of the Web Application Firewall.”
Defensive AI to Detect Anomalous Behavior
In addition to Firewall for AI, Cloudflare is developing a Defensive AI program to combat the rising number of AI-based attacks across various vectors, including APIs, emails, and insider incidents. This program aims to analyze customer traffic patterns, establish a baseline of normal behavior, and identify anomalies.
The Cloudflare spokesperson highlighted, “Defensive AI enhances security solutions by leveraging intelligent systems. It is employed to elevate protection levels across all security domains, from application security to email security and Cloudflare’s Zero Trust platform.”
While Firewall for AI is already accessible to Cloudflare customers, the Defensive AI models are currently in development, with the launch date yet to be announced.
Cloudflare’s proactive approach to fortifying its WAF with AI-centric features underscores the evolving landscape of cybersecurity, where AI technologies are both a boon and a potential vulnerability. With these advancements, Cloudflare aims to stay ahead of emerging threats and provide robust protection for organizations leveraging AI models in their applications.