Cloud connectivity provider Cloudflare Inc. today announced new capabilities for Cloudflare One, its zero-trust security platform, designed to help organizations securely adopt, build and deploy generative artificial intelligence applications.

The new features are designed to give Cloudflare customers the ability to understand, analyze and set controls automatically on how generative AI is used throughout their organization while enhancing the productivity and innovation of teams without sacrificing security or privacy standards.

The rapid adoption of generative AI to work faster, streamline daily tasks and create new applications has been well-documented, but the widespread adoption is frequently occurring without security and privacy in mind. For example, employees may accidentally paste confidential company information into chatbots, or engineers may deploy AI-driven apps without the input of their security teams. Cloudflare argues that to prevent these risks, businesses need to understand and manage the use of AI so all employees can use it efficiently and safely, with security built in by default.

To deal with the security issues that arise, Cloudflare is introducing AI Security Posture Management into its zero-trust platform to allow organizations to safeguard against a range of potential threats posed by the wide adoption of AI tools.

The new service allows security teams to discover how employees are using AI with a new Shadow AI Report that gives instant insights from traffic. The report gives a clear, data-driven picture of an organization’s AI usage and allows teams to see not just that an employee is using an AI app, but which AI app and users are accessing it.

To protect against Shadow AI, Cloudflare Gateway now allows teams to automatically enforce AI policies at the edge of Cloudflare’s network to ensure consistent security for every employee, no matter where they work. Security teams can choose to block unapproved AI applications, limit the types of data uploaded into AI applications and complete reviews of AI tools to ensure they continue to meet security and privacy standards.

To address the risk of secrets and other protected data being shared with AI tools, Cloudflare now offers AI Prompt Protection, which allows security teams to identify potentially dangerous or risky employee interactions with AI models and flag those prompts and responses. Policies can now be enforced inline at the prompt level to mitigate risk early on and employees can be warned or blocked from submitting sensitive data, such as source code, from being entered into an untrusted AI provider.

The final new feature, Zero Trust MCP Server Control, consolidates all Model Context Protocol tool calls into a single dashboard and allows all MCP traffic, regardless of origin, to be routed through Cloudflare for increased control and access management. Security teams can set user-level policies at both the gateway and individual MCP server levels.

“We are the only company today that can offer the security of a zero-trust platform with a full set of AI and inference development products, all backed with the scale of a global network,” said co-founder and Chief Executive Matthew Prince. “The world’s most innovative companies want to pull the AI lever to move, build and scale fast without sacrificing security. We are in a unique position to help power that innovation – and help bring AI to all businesses safely.”

Photo: Wikimedia Commons