All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Security Center - Create WAF rules directly from Threat Events saved views

26d ago

Source

CloudflareSecurity Center - Create WAF rules directly from Threat Events saved viewscloudflare.com
Snippet from the RSS feed
Cloudforce One users can now turn Threat Events indicators into active defense. With this update, users can instantly generate a WAF rule that matches the dynamic list of IP addresses returned by any of their Saved Views . Why this matters Threat intelligence is most effective when it is immediately actionable. Previously, blocking threat actors required manually extracting indicators from threat events and copying them into your firewall rules. This new integration bridges the gap between threat discovery and threat mitigation: When you identify an active threat pattern - such as an ongoing campaign targeting a specific industry, or using a known indicator type - you can pivot from investigation to mitigation in a single click. Instead of writing complex, static IP rules, this functionality allows you to leverage the specific filtering logic you have already defined and saved within your Threat Events ecosystem. Automating the generation of the WAF rule expression from your threat views eliminates manual copying errors, ensuring that the right malicious infrastructure is blocked instantly. How to use it You can implement these rules through both the dashboard UI and via the API / Terraform. Go to Cloudflare Dashboard > Application Security > Threat Intelligence > Manage Views , select your desired view, and select Create WAF Rule . This will automatically pre-populate the WAF rule builder with the matching threat event IP indicators. You can also automate this workflow by utilizing the WAF Rule Builder API alongside your Threat Events saved views endpoints .

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.