
Data Loss Prevention - Detect Cloudflare API tokens with DLP

2mo ago

Source: Cloudflare (cloudflare.com)
Snippet from the RSS feed
The Credentials and Secrets DLP profile now includes three new predefined entries for detecting Cloudflare API credentials:

| Entry name | Token prefix | Detects |
| --- | --- | --- |
| Cloudflare User API Key | cfk_ | User-scoped API keys |
| Cloudflare User API Token | cfut_ | User-scoped API tokens |
| Cloudflare Account Owned API Token | cfat_ | Account-scoped API tokens |

These detections target the new Cloudflare API credential format, which uses a structured prefix and a CRC32 checksum suffix. The identifiable prefix makes it possible to detect leaked credentials with high confidence and low false positive rates; no surrounding context such as Authorization: Bearer headers is required.

Credentials generated before this format change will not be matched by these entries.

How to enable Cloudflare API token detections

1. In the Cloudflare dashboard, go to Zero Trust > DLP > DLP Profiles.
2. Select the Credentials and Secrets profile.
3. Turn on one or more of the new Cloudflare API token entries.
4. Use the profile in a Gateway HTTP policy to log or block traffic containing these credentials.

Example policy:

| Selector | Operator | Value | Action |
| --- | --- | --- | --- |
| DLP Profile | in | Credentials and Secrets | Block |

You can also enable individual entries to scope detection to specific credential types, for example, enabling Account Owned API Token detection without enabling User API Key detection.

For more information, refer to predefined DLP profiles.
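To show why a fixed prefix plus a CRC32 suffix allows context-free detection with few false positives, here is an added example; it is not Cloudflare's code or its DLP detection logic. The three prefixes come from the changelog, while the 40-character body and the 8-hex-digit CRC32 over prefix+body are assumptions (the page does not specify the layout), and the sample tokens are constructed.

```python
import re
import zlib

# Entry names and prefixes are taken from the changelog table.
PREFIXES = {
    "cfk_": "Cloudflare User API Key",
    "cfut_": "Cloudflare User API Token",
    "cfat_": "Cloudflare Account Owned API Token",
}

# ASSUMPTION (not stated on the page): a 40-character alphanumeric body, then
# the CRC32 of prefix+body written as 8 lowercase hex digits.
BODY_LEN = 40
CANDIDATE = re.compile(
    r"(?<![A-Za-z0-9_])(cfk_|cfut_|cfat_)([A-Za-z0-9]{%d})([0-9a-f]{8})(?![A-Za-z0-9])"
    % BODY_LEN
)

def checksum(prefix, body):
    return format(zlib.crc32((prefix + body).encode("ascii")), "08x")

def make_sample(prefix, seed):
    """Build a constructed, non-functional token in the assumed layout."""
    body = (seed * BODY_LEN)[:BODY_LEN]
    return prefix + body + checksum(prefix, body)

def scan(text):
    """Return (entry name, offset, checksum_ok) for every prefixed candidate."""
    hits = []
    for m in CANDIDATE.finditer(text):
        prefix, body, suffix = m.groups()
        hits.append((PREFIXES[prefix], m.start(1), suffix == checksum(prefix, body)))
    return hits

def findings(text):
    """Report only candidates whose checksum verifies; the rest are lookalikes."""
    return [(name, offset) for name, offset, ok in scan(text) if ok]

# Constructed sample: one well-formed token in a config line (no Authorization
# header nearby) and one lookalike whose last checksum digit has been altered.
GOOD = make_sample("cfat_", "Ab3")
BAD = make_sample("cfk_", "Zz9")
BAD = BAD[:-1] + ("1" if BAD[-1] == "0" else "0")
SAMPLE = 'api_token = "%s"\nnote: id %s copied from a ticket\n' % (GOOD, BAD)

if __name__ == "__main__":
    for name, offset, ok in scan(SAMPLE):
        print(offset, name, "checksum ok" if ok else "checksum mismatch")
```

The prefix match alone flags both strings; the checksum step is what discards the altered one without needing any surrounding header or keyword.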
