Security incident response (Code Red) with Grant Bourzikas
In this week's program, we talk about Cloudflare’s security.
João Tomé is joined by Grant Bourzikas, Cloudflare’s CSO. We discuss how we dealt with a Thanksgiving 2023 security incident related to an October 2023 Okta compromise that Cloudflare had previously mitigated.
Also, we discuss the significance of our access controls, firewall rules, hardware keys, and Zero Trust architecture in limiting the threat actor's impact. No Cloudflare customer data or systems were affected by this incident, and no services were compromised — that is the result of our investigation, including an independent analysis by CrowdStrike’s Forensic team. We are sharing detailed information about the incident and the measures taken, in line with Cloudflare’s commitment to transparency — aiming to raise awareness and assist others in mitigating similar threats. We outline the attack's timeline and what we understand about the sophisticated threat actor, likely a nation-state.
Furthermore, we define "Code Red" to enhance our security posture to further thwart the highly sophisticated threat actors we are seeing more of across all industries. The all-hands-on-deck approach, with security and engineering tightly aligned on the outcome, enabled success. Additionally, we offer guidance on short-lived certifications, the importance of precision, and what CISOs and others can anticipate in 2024 regarding security challenges related to AI, global elections, and various types of DDoS attacks, among others.
We also take a moment to review some of the blog posts published since January, focusing on new capabilities for developers (AI included), product features, a 2024 API report, deep dives, etc.
You can check some of the highlighted blog posts: