Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cloudflare

Our ongoing commitment to privacy for the 1.1.1.1 public DNS resolver

Apr 1, 2026 By Rory Malone In Cloudflare
Exactly 8 years ago today, we launched the 1.1.1.1 public DNS resolver, with the intention to build the world’s fastest resolver — and the most private one. We knew that trust is everything for a service that handles the "phonebook of the Internet." That’s why, at launch, we made a unique commitment to publicly confirm that we are doing what we said we would do with personal data.
Read Post
opti9

AWS Accelerator Program: How to Move to the Cloud Faster (and Cheaper)

Apr 1, 2026 By Mark Mazza In Opti9
Cloud migrations have a reputation for running over budget and behind schedule. That reputation isn’t entirely undeserved — migrations done without structure often do. But AWS has invested heavily in programs that give businesses a faster, cheaper path to the cloud, and most organizations don’t know they exist or how to access them. The AWS Accelerator Program is one of the more practical frameworks available for SMBs and mid-market companies planning a move to AWS.
Read Post
Sovereign Cloud vs Public Cloud: A SidebySide Technical Comparison

Sovereign Cloud vs Public Cloud: A Side-by-Side Technical Comparison

Apr 1, 2026 By SecuritySenses In SecuritySenses
Cloud adoption is no longer a binary decision. Most enterprises already use public cloud in some form. The real question in 2026 is whether that model satisfies growing requirements around data residency, regulatory compliance, and jurisdictional control. Sovereign cloud has emerged as a response to those pressures. It is designed to ensure that data, infrastructure, and operational control remain within a defined legal boundary. For organizations operating in regulated industries or across multiple jurisdictions, that distinction has become critical.
Read Post
cloudflare

Introducing Programmable Flow Protection: custom DDoS mitigation logic for Magic Transit customers

Mar 31, 2026 By Anita Tenjarla In Cloudflare
We're proud to introduce Programmable Flow Protection: a system designed to let Magic Transit customers implement their own custom DDoS mitigation logic and deploy it across Cloudflare’s global network. This enables precise, stateful mitigation for custom and proprietary protocols built on UDP. It is engineered to provide the highest possible level of customization and flexibility to mitigate DDoS attacks of any scale.
Read Post

Kimi Found 40+ Security Issues in Our Code. Open Source AI Is Here | Michelle Chen

Mar 31, 2026 By Cloudflare In Cloudflare
In this episode of This Week in NET, host João Tomé is joined by Michelle Chen from Cloudflare’s AI product team to discuss the rise of open models, the launch of Kimi 2.5 on Workers AI, and why enterprises are rethinking the cost of proprietary AI.
View Video
fidelis security

Behavioral Analysis in Cloud Workload Protection: Why Runtime Detection Is Now Mandatory

Mar 31, 2026 By Fidelis Security In Fidelis Security
Cloud environments don’t follow the same rules traditional data centers did. Workloads spin up in seconds, containers live and die within a single request cycle, serverless functions execute without a persistent footprint, and infrastructure scales faster than any manual security process can track. The security problem this creates isn’t just about scale. It’s about visibility.
Read Post
armo

AI Workload Security on Azure: Evaluating Defender for Cloud Against Specialized Runtime Tools

Mar 30, 2026 By Ben Hirschberg In ARMO
Your SOC gets a Defender for Cloud alert: “Suspicious API call from AI workload pod.” You click through and find a LIST secrets call against the Kubernetes API server from a pod running your invoice-processing agent on AKS. The pod’s Workload Identity has Contributor access to your key vault. By the time your analyst opens the AKS Security Dashboard, the pod has been rescheduled.
Read Post
armo

AI Agent Security Framework on AWS EKS: Implementation Guide

Mar 30, 2026 By Yossi Ben Naim In ARMO
You’ve enabled GuardDuty EKS Runtime Monitoring across your clusters. You’ve configured IRSA for your Bedrock-calling agents. CloudTrail is logging every bedrock:InvokeModel event. And last Tuesday, one of your AI agents exfiltrated 12,000 customer records through a sequence of API calls that every one of those tools recorded as completely normal—because at the control plane level, they were.
Read Post
cloudflare

Cloudflare Client-Side Security: smarter detection, now open to everyone

Mar 30, 2026 By Zhiyuan Zheng In Cloudflare
Client-side skimming attacks have a boring superpower: they can steal data without breaking anything. The page still loads. Checkout still completes. All it needs is just one malicious script tag. If that sounds abstract, here are two recent examples of such skimming attacks: To further our goal of building a better Internet, Cloudflare established a core tenet during our Birthday Week 2025: powerful security features should be accessible without requiring a sales engagement.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.