Cloudflare TV

Security incident response (Code Red) with Grant Bourzikas

Presented by: João Tomé, Grant Bourzikas
Originally aired on February 15 @ 2:00 AM - 3:00 AM EST

In this week's program, we talk about Cloudflare’s security.

João Tomé is joined by Grant Bourzikas, Cloudflare’s CSO. We discuss how we dealt with a Thanksgiving 2023 security incident related to an October 2023 Okta compromise that Cloudflare had previously mitigated.

Also, we discuss the significance of our access controls, firewall rules, hardware keys, and Zero Trust architecture in limiting the threat actor's impact. No Cloudflare customer data or systems were affected by this incident, and no services were compromised — that is the result of our investigation, including an independent analysis by CrowdStrike’s Forensic team. We are sharing detailed information about the incident and the measures taken, in line with Cloudflare’s commitment to transparency — aiming to raise awareness and assist others in mitigating similar threats. We outline the attack's timeline and what we understand about the sophisticated threat actor, likely a nation-state.

Furthermore, we define ""Code Red"" to enhance our security posture to further thwart the highly sophisticated threat actors we are seeing more of across all industries. The all hands-on deck approach, security & engineering tightly aligned on the outcome, enabled success. Additionally, we offer guidance on short-lived certifications, the importance of precision, and what CISOs and others can anticipate in 2024 regarding security challenges related to AI, global elections, and various types of DDoS attacks, among others.

We also take a moment to review some of the blog posts published since January, focusing on new capabilities for developers (AI included), product features, an 2024 API report, deep dives, etc.

You can check some of the highlighted blog posts:

English
Thumbnail image for video "This Week in NET"
This Week in NET
Tune in for weekly updates on the latest news at Cloudflare and across the Internet. Check back regularly for updates. Also available as an audio podcast!
Watch more episodes 
background