Everything Announced at Cloudflare AI Week 2025

I'm curious also with the full week, an August week, with a full week of announcements, what were the announcements that you saw that surprised you the most in terms of feedback of folks around? Yeah, great question. I think the overall feedback and excitement we got around the AI Gateway announcements and improvements, that was a pleasant surprise. I was very excited to see that. As well as the real -time communication things that we did around voice and video chat, we've seen really, really exciting results with that. And then on the corporate security side of things, I think they weren't necessarily a surprise, but we saw a lot of excitement around both the ability to do prompt detection and logging, as well as MCP server portals. I think I've talked to almost two or three customers every single day since the MCP server portal blog went out. So we've seen real excitement around folks trying to get a handle around a really exciting technology, but a technology that doesn't necessarily have all the right controls in place yet. Hello everyone, and welcome to This Week In Net. We're already in September, and this is an episode all about Cloudflare AI Week. So a lot of security, a lot of possibilities for sure. Last week we had five days full of cool announcements, so we're going to go over some of the highlights. I'm your host, Ronto Mé, based in Lisbon, Portugal, and with me I have again in our show Kenny Johnson, Senior Product Manager. Hello Kenny, how are you? Joao, thanks for having me. Doing well. We had a really exciting week. I'm definitely looking forward to resting up this weekend, but we had an amazing set of announcements this week. Many. Although it's late August, it's just before September arrives. We had this amazing week full of things. For those who don't know about our Innovation Weeks that we do several times a year, how can we summarize what this AI Week was about? Yeah, absolutely. So we do Innovation Weeks at Cloudflare where we tend to cluster a major set of announcements that we really try to get back to the Internet or get back to specific communities. So what we wanted to do with AI Week specifically was AI is obviously dominating the narrative across the world right now. Nobody in business is not thinking about AI. Something that we've noticed is that tools to control, govern, and safely deploy and build AI experiences have not kept up to the actual innovation going on in the AI space. So the majority of the things that we focused on this week were about either securing and identifying existing employee AI use, building new world-class AI experiences with security baked in, or continuing to supercharge Cloudflare's underlying technology with AI itself. So we're really excited about some of the announcements that we were able to put out this week. For sure. Typically we do this, a day has a topic and this was not an exception specifically. So the week kickstarted with a blog post that you wrote also with James Hallworth about welcome to AI Week. But then on Monday we had a, I would say, an AI governance and visibility type of day, right? In terms of announcements. Yeah, that's correct. So the major announcements from AI Week were all about controlling access to AI tools you don't necessarily know your employees are using. So we announced a number of features around being able to detect shadow AI, which is a subset of shadow IT, which is the concept of, hey, I don't necessarily know what my end employees are using. That has exploded with the use of AI tools because the reward is so high as an employee. If I can paste a piece of source code into GPT and get a magic answer, that's great. And that's very appealing. So we wanted to give folks the ability to identify and understand what people are using because tools are popping up so quickly. The other component is adding the ability to do prompt detection, logging, and controls. So not only identifying the tools themselves, but giving administrators and security practitioners the ability to see how their users are interacting with tools and then put safety guardrails around the tools that are approved, but not necessarily for every single use. So that was the other kind of major announcement on Monday. The other piece that was announced during that day is we've launched a video series called AI Avenue, that we're very excited to continue to push more and more content focused on AI development and building great AI tools. Absolutely. And you were mentioning that specifically, AI Avenue, and this is the blog, a lot to share and also many partnerships here. Entropic, 11 Labs, people that have been working in AI heard many of these names and they are participating in this show, right? Yeah, absolutely. And we saw a lot of traction and excitement around AI Avenue. We've got really amazing partners that are going to be working with us. The team did a really phenomenal job putting out a high quality product. So I definitely recommend subscribing and checking out AI Avenue as it continues to roll out new episodes. Perfect sense. You mentioned already beyond the ban, a better way to secure generative AI applications. These types of things are also around and important really, right? In this day and age. Yeah, 100%. And these are the pieces that we're kind of missing from the security tool set of teams. There weren't great ways to control and govern this. So teams were having to make a decision to either outright ban or just kind of sit in a state where they're wide open and allowing employees to use whatever they want. So this allows you to create that happy medium where you can say, yeah, use these approved tools, but we're going to monitor and look for and put controls in place so that you're not putting credit card numbers, social security numbers, source code, things like that if you don't want that to be uploaded into specific large language models. Moving on in terms of the week, we had a bit of more the enterprise security tools for AI type of day on Tuesday specifically. Yes. Yeah. So Tuesday was a continuation of the security theme, but more focused on building the approved path for specific tools, as well as being able to plug into existing enterprise licenses. So the major, major announcements for the day, one included, we announced API integrations with major AI providers, including GPT, Clod, and Gemini. And what that API integration allows you to do is scan for known misconfiguration and security issues without having to monitor the user's network traffic or install anything on an end user's device. That's really nice because the prompt detection and logging is great, but it requires inspecting user's network traffic, which there's some work involved with that. The API integrations are one click and you immediately start to get insight into potential issues and potential misconfiguration. So that's something that you can spend a minute on deploying and you're immediately going to start to see value in terms of identifying potential misconfigurations in those enterprise tools or the enterprise tier of those tools. Makes sense. Those are really, really important for those that want to use all of the benefits from AI. Yeah, 100%. Another major announcement that really got a lot of excitement kind of out on X and other social media platforms, especially from the development community was MCP server portals. And what MCP server portals allow you to do are MCP is the model context protocol. It's if you want to use an MCP client like Clod or Windsurf or something like that, where you want to interact with proprietary data or another SaaS applications data in a large language model or in an AI assisted coding platform. What MCP portals allows you to do is you can create a single unified URL that provides access to multiple MCP servers. And the benefit there is currently with MCP servers, every MCP server exists on its own. It's been built by a developer. It's rolled out by a third party. So logging is disparate. Access policies to them are disparate. It's really hard for security and IT teams to get control around those particular features. What portals allow you to do is centralize that configuration into a single URL so that users all pass through your corporate single sign on and then they're shown the servers that you have assigned them access to via explicit access policies. And then additionally, you get controls on which tools and prompts are made available to those end users and you centralize logging. So you don't have to go to individual servers to see which tools and prompts and resources are being invoked. You can see that all centrally. So we're really excited that one's available today in the platform. You can go try that out and we're going to be adding a number of different features. I can see you've got a what's next pulled up. We detail those things in the blog. So we're definitely excited for folks to go try that out. It's a good way to start and experiment here. People can sign up there in the blog specifically. Yeah, absolutely. Any more from that day? Yeah, just two other things. I'll highlight three other quick things. The first one is we announced a confidence score for large language providers and large language models. This is going to be ever evolving and creating a risk score for a model or for a SAS tool is not a novel thing. The thing that we did do that is fairly novel is we are making this framework completely open and transparent. Most providers out there from what I've seen, they just flag somebody high, medium, low or zero to 100. And there's not a lot of explanation behind the score. We are going to be publishing these scores and we're going to make the rubric completely public. So you will be able to assess for yourself which controls you care about, which controls you don't care about, as well as model providers will be able to see and understand how they improve and drive down the overall potential risk associated with their platform. And this will be rolling out over the coming weeks into the Cloudflare dashboard. For now, we just announced the actual framework. The other two blogs from the day that are just worth highlighting. The first one is we put together a best practice guide that is a collection of what we see our world class AI adopted customers doing. It's a collection of that plus our own security team. I definitely recommend checking that out. And then finally, we added the option, the ability to do prompt detection and content moderation for consumer facing applications in our AI firewall. So that's if you have a public website where you're going to have a user potentially interacting with an LLM, you can put controls in place at the Cloudflare level instead of having to bake them into the underlying model, which will allow you to switch models out, experiment, change things around as need be while still maintaining baseline content moderation and controls before things even ever hit the model or responses leave the model back to the user. Makes sense. And safe prompt blocking and moderation there is quite important in this day and age, for sure. Yes. Let's move on to Wednesday. It's more on the infrastructure and model efficiency, right? In this case? Yes, that's correct. So this is building out world class AI experiences as well as some underlying improvements to Cloudflare's hosting of AI models. So really the major announcements for today from a product perspective were a significant refresh to the AI gateway, and that includes unified billing. So you don't have to pay on a model per model basis. You just get one charge from Cloudflare. We work out the rest with the underlying model providers as needed, as well as there's a number of improvements. Probably my favorite feature that got launched was the ability to do dynamic routing to different models. So you can actually look at the context of the incoming prompt and the incoming connection, the incoming customer, and decide which model to send it to. So you can send it to a more expensive, more sophisticated model, or a more basic model. So you can say like, hey, somebody's spamming me. I'm just going to send them to the cheaper lighter weight model versus like, oh no, this is a high value customer. I want to make sure they're getting my best and brightest. So that is a really, really powerful feature. And Joao's got this blog up. I definitely recommend deep diving that if you are using the AI gateway today, because there's a number of improvements that were announced. And you've got a lot of attraction to this blog, this announcement. Yes. Yeah. There's a lot of excitement around this. The concept of an AI gateway, I think, has developed legs because people want the ability to develop an application but be agnostic to the model, because the models are adapting and evolving so quickly that people don't want to be locked into a specific model and create a bunch of overhead when they have to swap those things out. And the AI gateway allows you to do that, where you can create your application layer and your business logic and all that good stuff. And then whichever model you point at is really a moot point. It's really easy to swap that around, especially with dynamic routing. You can literally run experiments now. Makes sense. Also, we had some announcements regarding state-of-the-art image generation Leonardo models and text -to-speech here, right? Yeah, that was the other big announcement is our first set of proprietary models where you can bring your own license from providers like Leonardo and DeepGram. And thank you to Leonardo and DeepGram for being great partners with us. That really came together quickly, and we're really happy about where that landed. And there's going to be more and more models that are going to be added. So for now, it's image generation and speech generation, but there's going to be a number of things that we're going to be able to add in advance to the platform. And there's a very Cloudflare typical type of vlog, how we built the most efficient inference engine for Cloudflare's network. This is a very cool one and very related to Cloudflare in terms explaining how we do these complex things, right? Yes, it would not be an innovation week without having a technical deep dive or two. So very, very happy with how this came together. If you at all want to kind of understand how we're doing efficient inference spread across our global network, I definitely recommend checking out this blog. The team put together really, really interesting detail around how we do inference at scale across the world, spread out in each of Cloudflare's individual points of presence. Can you help us understand a bit for those who don't know what AI inference is and why is it important here that we're explaining in this blog? Yeah, absolutely. So AI inference is the ability to actually think. So when AI receives an inbound prompt, it needs to make a decision and provide a response. In the early days, this was a very hub-and-spoke model where you had a centralized inference server that all requests had to be routed back to. However, LLMs have become powerful enough and AI inference has become powerful enough that we can actually do that on a fairly lightweight GPU or just a lightweight server. So we can drastically cut latency by sticking those as close to the user as possible, spread across the world, as opposed to having to route back to a central location and wait on the response and then return it to the user. So we can do that much more cost -effectively because you're not spreading bandwidth all over the world. It's very similar to a CDN model where you don't have to go back to one place to fetch an image from a server. Same principle. But in this case, instead of an image, it's a response from an LLM model that's being run via inference. There's another blog post that is a bit on the explaining part, how Cloudflare runs more AI models on fewer GPUs. Also a technical deep dive there. Also important how efficiency is quite important for the next step of this area, right? Yes, 100%. We are constantly focused, just like our core business at Cloudflare, we're constantly focused on how do we get more out of a CPU, how do we get more out of a GPU, so that we're allowing customers to run more and more workloads on the per-server basis because then that means we can put more in our free tier, that means we can make more available to our customers. For me, it's quite impressive to see how there's always some efficiency we can do. Even, okay, AI is much more demanding in terms of GPU, in terms of what we need there, but you can always go on the full throttle of efficiency and get more from that. It's important for the ecosystem. Oh, absolutely. And that's the fun part of being in this space and working on this today is every week things are changing and improving, so it's really, really cool to be on the cutting edge of that. And also, actually, for Thursday, we had a whole bunch of announcements already more on the AI agents, crawlers, creator tools. What can we highlight for Thursday, really? Yeah, absolutely. There was fun timing. Time Magazine put out their top 100 most influential people in AI, and our CEO, Matthew Prince, was actually featured on that list in large part due to this effort. In July, Cloudflare announced what we called the Content Independence Day. And really what that's all about is there's a significant change in the web, where for the last 20 years, the web was built on the idea that search engines will return results and then drive traffic to underlying websites, and then those websites with original content could sell ads to then monetize the original content that they're creating. That worked great for the last two decades. That is not working so well these days, where we're seeing the crawl-to-refer ratio be drastically reduced for these original content sites. And if you think about it, it makes sense. When you go to any search engine before AI and type in a question, you're going to get a set of 10 links, and you're going to click through one of those links. You'll be served some ads, but you'll also get your original content. With the new paradigm, where if I go to an LLM model and I ask a question, it will go crawl those sites to look for the answer, but it's providing me the answer contextually in the LLM, not in the LLM interface, not sending me to that site. It might have a hyperlink, but the odds of me clicking through that hyperlink if I already got my answer are quite low. So then no ad revenue because there's no traffic to that individual site, even though that content provided value to the LLM provider and to the user. So we believe that content providers need to be rewarded for creating original content that still fuels this whole flywheel. So we announced advances in the controls for original content creators to limit the AI scraper bots, basically, that are hitting their site. So we announced the general availability of AI crawl control. So that's the ability to which apps that you do or don't want to allow to your site, as well as an advancement of the beta for actually doing pay-per-crawl. So allowing content creators to say, hey, you can access this, but there needs to be some form of financial compensation. And that's the piece that we're working with model providers, as well as original content creators to understand what that framework needs to look like in order to save original content on the web. If monetization via ads goes away and there's nothing to replace it, then the Internet is going to become a much more hollow place. And that's not a world that we want. Absolutely. This is the blog post where we discuss more on the AI crawl control in this case. Actually, a very cool name. It reminds me of Paw Patrol. I have a nine-year-old kid that loves it. I keep thinking of Paw Patrol too. But it's a very cool next step from that announcement on July the 1st, for sure. It goes GA, General Available, quite important. And you were mentioning the time piece about MetaPrince, and here it is. Time, AI5, always important. As a previous show, always important for me as well. But it's definitely a set of tools that are building up on that announcement that we're seeing now results in terms of what people can do specifically. Another very important one there is this part of the age of agents, obviously recognizing agent traffic. It's all about a new standard, web bot auth. Quite important as well, really, to have the standard behind this relationship between sites, bot creators, to bring trust to this area as well. Yeah, absolutely. And this is another important part of the framework is there is going to increasingly be a number of agents and bots acting on behalf of human beings, which is still a good thing. That is something that we do want to empower website owners to be able to allow, as well as agent model providers to be able to do on behalf of their users, because that does make a better Internet. If I can create underlying agents to go do things on my behalf as a person out there in the world, that's a good thing. The thing that we want to create a framework around is this idea of allowing agents to cryptographically prove who they are, because instead of creating coarse-grained rules where you're looking at IP addresses or host names or something like that, you can use this signature to identify your bot from a cryptographic standpoint so that website providers out there in the world can identify that and allow that, as opposed to having to play the typical whack-a-mole for anybody who's dealt with bots on their site by blocking bad bots but accidentally blocking good bots, and then all of a sudden you end up with this big long list of allow lists and block lists, and it gets really unwieldy, versus the signed agent model or the cryptographic verification of bots model allows you to do this in a much smoother way and then block all other bot traffic. Makes perfect sense. There's actually a very cool announcement here in terms of the first cohort of agents that we're partnering with, and it's ChatGPT agent GooseFromBlock browser base and Anchor browser, so cool to have partners here in this standard specifically, and also close to heart, the Radar new page about bots directory is also important to get a sense of what bots there are and what they are doing specifically. Yes. Quite important also as an announcement. And that was another really exciting post from Thursday, was looking at the overall bot traffic associated with AI crawlers, and that was powered by Cloudflare Radar, and we found some really interesting things in terms of which providers are doing the most crawling, when do they do it, is it on behalf of users, is it for training data, there were some really interesting things that played out, and I definitely recommend checking out the blog that David Belson put together, where he does a really good deep dive on that. Makes sense. Any other thing from Thursday that we should highlight, maybe Autorag? Yes, Autorag is basically a way to make your site friendly for an LLM model or an agent to interact with your site. Sites that are built for human beings are not necessarily built in the best way for a bot to structurally go through and understand and discern what's on your site, so Autorag plus NLWeb, which is a Microsoft product, allows you to create a version of your site that is super streamlined for an agent to interact and fetch and find details around that site, and then the NLWeb component allows you to do that using natural language, so it's a piece that we're very excited about for website owners to be able to create. They can have the human-facing version of their site, but then they can create the AI agent fast path that allows agents to return information the most efficiently for end users grabbing information from their site. Quite interesting to see this conversational perspective. It's a different web way of seeing the web specifically, what this enables, which is quite interesting. Absolutely. A site that becomes conversional is quite important and interesting. Yes. I'm curious to see what developers will do with these capabilities, these new tools for sure. A lot to explore there. And Friday, it was about AI insights, analytics, and threat defense, right? Yes. The primary pieces that were announced today were around additions to Cloudflare's actual platform itself, adding AI experiences into that. For anybody who's a Cloudflare admin out there, you can end up in a huge needle in a haystack problem because Cloudflare is sitting in front of either your public website or your corporate resources. Or you've built things on Cloudflare Workers. All of those things can throw off thousands, hundreds, millions of logs in a given day. And those logs can contain real insight into security issues, into infrastructure misconfiguration issues, into end user latency and problems. But today, it takes a human being to go through and tune those logs and search those logs and look for issues. That problem I just described is what LLMs are really, really good at. They're good at taking significant sets of data and then comparing them against known patterns and known problems and then providing human readable insight to go take action. So we announced a number of chatbot powered interfaces. Cloudflare's chatbot is called Cloudy, kind of a throwback to Clippy. So Cloudy, we added a number of Cloudy integrations. One includes our email detections. So today, Cloudflare's email security product will scan for vulnerabilities before an email hits a user's inbox. Oftentimes, those detections aren't always the easiest to understand why something was blocked or why something was allowed. So now, Cloudy will allow you to be able to query against potential detections and get a deeper explanation of why that particular email was blocked, allowed, why it got flagged, those types of things. Some of the other pieces that we added were being able to troubleshoot connectivity and performance challenges within the Cloudflare Zero Trust suite of products. So Cloudflare Zero Trust has an actual agent that runs on your device that proxies user traffic, basically sending all their Internet traffic to Cloudflare. That can have, for anybody who's a network admin out there, you know that there's loads of problems with that in terms of just tuning and getting it right. Even if Warp's working perfectly, there can be another firewall you're interacting with, captive portals come with challenges. So we added an MCP server and a chat interface to be able to interact with diagnostic logs from our digital experience monitoring, which is basically network monitoring, as well as the device client itself, looking at the diagnostic logs from the client running on a user's device. So that gives you the ability to do some initial troubleshooting on your end and understand what might need to change in order to unblock that user. Previously, this was almost always a ticket to Cloudflare support, which selfishly creates a big backlog for us. But we also know that people don't really want to interact with support if they don't have to. They want to be able to self-heal and self-remediate issues. So this is a thing that I think will really help folks debug things without having to wait on a potential support ticket or asking around on the Internet. Makes sense. It definitely improves observability, their access to information, performance. Those things are always important and always cool to see machine learning and AI being involved here specifically. Yes. The one other Cloudian announcement was just an expansion of our threat analysis and response. So the ability to look at potentially flagged threats and have those explained and see and understand that information more deeply. Today, Cloudflare puts a lot of effort into flagging malicious domains. This extends that to see and understand the reasoning behind those particular items that were potentially flagged and get an explanation. And there's also some numbers already in terms of users trying Cloudy for custom rule creation. Yes. So it's definitely already around, but it's expanding in a way. Yes. We're seeing folks have great success with it. It's a really exciting thing. And like you said, we deep dive what we've seen so far. And I've seen a few months ago a first demo of Cloudy and I was surprised on how much it was able to do, like step by step, helping someone, even a non-expert person, just to try to delve into the realm of understanding and making better decisions. It's quite impressive to see at work. Oh, absolutely. It's starting to feel really magical, which is, I think, a special point to get to. And always with the chat bot type of thing where you can type and ask questions and things like that. So that's impressive as well. And I wrote this blog post based on radar data that explains how by mid 2025 training drives nearly 80% of AI crawling. No surprise there. And while referrals to publishers, especially news publishers, and especially from Google are falling. And also GPT bot and Cloud bot searched in terms of being the crawlers doing the most crawling in terms of AI. So a reference there as well. Yeah, that was fascinating. I really enjoyed that post. And in a way, I'm curious also with the full week, an August week with a full week of announcements, what were the announcements that you saw that surprised you the most in terms of feedback of folks around? Yeah, great question. I think the overall feedback and excitement we got around the AI gateway announcements and improvements, that was a pleasant surprise. I was very excited to see that. As well as the real-time communication things that we did around voice and video chat, we've seen really, really exciting results with that. And then on the corporate security side of things, I think they weren't necessarily a surprise, but we saw a lot of excitement around both the ability to do prompt detection and logging, as well as MCP server portals. I think I've talked to almost two or three customers every single day since the MCP server portal blog went out. So we've seen real excitement around folks trying to get a handle around a really exciting technology, but a technology that doesn't necessarily have all the right controls in place yet. I was also curious that OpenAI, yesterday actually, on Thursday, introduced GPT real -time. So it's a speech-to- speech model for developers. And real-time is something that's quite important for us, and we've been working on real-time for a while as well. So also a cool thing that happened this week, that in a sense it's related to what AI is able to do, really. Yeah, absolutely. And in terms of the call-to -action type of thing, if folks that want to explore some of the announcements that we did over the full week, where should they start? For sure the blog, but is there a way for folks you think could be a good entering point for some of the announcements here? Yeah, so the majority of these announcements are available and live in the dashboard today across pretty much every single Cloudflare plan. So a lot of these things you can just go get your hands dirty and try out. One other plug that I'll make specifically for the security-focused blogs at the beginning of the week, at the bottom of those blogs there's a link that calls out if you want to be part of a research group that we're putting together, or basically a focus group for customers who want to provide input both on our AI security roadmap, but also test out some of the messaging that we're doing around that. So if you are really interested in AI security and controls, I definitely recommend checking that piece out as well. Some of the other things to keep an eye on, like we talked about AI Avenue, our web series about AI is also going to be a great thing to watch out for. And then there's a big blank, a big bank of, for the folks that are more visual learners or want to get an understanding of what some of these things are, we did a number of Cloudflare TV recordings, which can all be accessed through the AI Week hub that Joao was showing earlier. Exactly, that's Cloudflare.com slash ai-week, so easy to spot, and I'll put the information also in the graphics. Well, it was definitely a cool week, and at Cloudflare we never stop, so birthday week, Cloudflare celebrating 15 years in late September, it's just a few weeks short, so a lot to unpack as well for that. Anything that we should mention for folks to get a sense of what was the AI Week? One thing they should take from it as a sentence? I think the biggest thing is we're just getting started. There are going to be so many new announcements coming out over the next couple quarters, there are so many things that we can take this set of initial features that we launched and do more with them, so please just keep an eye on the blog, keep an eye on our social, we're going to be launching many, many more new features associated with these things, as well as we're really interested in hearing from customers where they're struggling, what are their concerns, what are their concerns, so go explore and tell us about it. Let's see what folks build and explore and get more efficient and are more safe in a sense. Well, thank you, this was great Kenny. Excellent, thank you so much, I appreciate you having me on. And that's a wrap, it's done. Awesome.