Cloudflare shows flair with new products for mobile and IoT security


Cloudflare celebrates its 12th anniversary with the launch of a Zero Trust SIM, an IoT security platform and a Botnet Threat Feed.

icons for internet, mobile devices, and security connected in a web over a city landscape
Image: Adobe Stock/metamorworks

Having a safe and secure internet has been a major concern for enterprises due to the growing number of successful cyberattacks on organizations worldwide.

Among the companies who have taken an interest in profiting from the art of protection is American firm Cloudflare. As a cloud security service and content delivery network provider, Cloudflare has been operating with a focus on building a better internet and offering internet users secure access to millions of websites globally.

It already has a number of notable customers, such as Mars, L’Oreal, IBM, Shopify and NCR. The stats also show that Cloudflare is doing well. According to its site, it provides 36 million HTTP requests per second on average and offers data from 275 cities in over 100 countries.

The company’s CDN services feature denial-of-service protection, web application firewalls, IP range prioritization and more.

In a recent event organized to celebrate its 12th anniversary, Cloudflare announced a series of new services to further prove its commitment to web security. The new services include Cloudflare’s free Botnet Threat Feed for Service Providers, Zero Trust SIM and Internet of Things security platform.

Cloudflare’s Zero Trust SIM

Backing up its reason for the release of the world’s first Zero Trust SIM, Matt Silverlock, Cloudflare’s director of products, reckoned that the cell phone has become a critical tool, as the modern workplace is beginning to shift out of office. Also, due to the billions of connected mobile devices across the globe, which outnumber PCs by a huge margin, mobile devices have become a threat vector and a target for hackers attempting to breach corporate network securities.

SEE: BYOD Approval Form (TechRepublic Premium)

Cloudflare holds the view that while corporate organizations have made moves to deploy zero-trust security solutions at the software level of their desktops, mobile devices have not received similar attention. To change this narrative, Cloudflare is offering organizations its first Zero Trust SIM solution to ensure organizations and their employees are protected against those aiming to break through corporate defenses.

Cloudflare’s Zero Trust is built on the zero-trust security framework, which continuously authenticates and authorizes organizational and private networks. McAfee estimates that cybercrime costs the world economy more than $1 trillion, which is roughly 1% of global GDP. With such danger in existence, Cloudflare’s Zero Trust SIM offers organizations a technology that will help protect their networks, data and critical assets by ensuring employees use a SIM that operates on the zero-trust security framework on their mobile devices.

In addition, Cloudflare’s Zero Trust SIM would help prevent employees from connecting to malware and phishing sites and mitigate common SIM attacks by preventing cloning attacks and locking SIMs to individual employee devices. According to the information released by Silverlock on Cloudflare’s blog, the Zero Trust SIM would enable secure, identity-based private connectivity to cloud services and on-premises infrastructure through Magic WAN. With the Zero Trust SIM, the company further aims to tie each SIM to a specific employee, making it an identity signal to each employer.

IoT’s happening

During the event, Cloudflare also launched its IoT Platform. Given the explosion in IoT devices and the need to integrate artificial intelligence and machine learning into the workings of IoT, there is a high risk of attack associated with these devices. A recent report by Fortune Business Insights holds that the global IoT market is projected to reach $2.46 trillion in 2029 at a compound annual growth rate of 26.4%.

Cloudflare recounts that due to the growing numbers of IoT devices, it has been defending these devices against DDoS attacks and botnets such as Meris and Miral for a couple of years. Although the company has recorded successful defenses against these threat actors on IoT devices, it still feels the need to provide an IoT platform where manufacturers of IoT devices can tap into Cloudflare’s IoT security architecture.

SEE: Hiring Kit: IoT developer (TechRepublic Premium)

With this platform, Cloudflare is hoping to provide a unified view over IoT devices and connectivity for new devices as well as secure these devices from any imminent attacks. According to the statement released by Silverlock through Cloudflare’s blog page:

“Cloudflare’s IoT Platform will build in support for provisioning cellular connectivity at scale. We’ll support ordering, provisioning and managing cellular connectivity for your devices. Every packet that leaves each IoT device can be inspected, approved or rejected by policies you create before it reaches the internet, your cloud infrastructure or your other devices. Emerging standards like IoT SAFE will also allow us to use the SIM card as a root-of-trust, storing device secrets (and API keys) securely on the device, whilst raising the bar to compromise.”

With this move, we might be witnessing the application of zero trust to IoT. If this happens, Cloudflare could well have a chance to compete with the big players in the IoT security market, such as Microsoft, Google, IBM, Intel, Ericsson, Cisco, Infineon, Atos and Dragos.

A free Botnet Threat Feed

One other notable announcement made by Cloudflare during its anniversary is that it has launched its free Botnet Threat Feed for Service Providers. This solution will cover all service providers, from hosting providers to internet service providers and cloud compute providers.

With Cloudflare’s Botnet Threat Feed, service providers would have access to threat intelligence on their own IP addresses, which would allow them to crack down on attackers, take down botnet nodes, reduce their abuse-driven costs, and ultimately reduce the amount and force of DDoS attacks across the internet.