Cloudflare launches threat intel feed based on 10T cyber events analysed daily 

Cloudflare Cloudforce One - the connectivity cloud co's threat intel team - has officially launched its Threat Events Feed - the industry's most comprehensive, real-time view of cyber threats across the Internet.

It will serve as a force multiplier for security teams with organisations able to tap into insights from Cloudflare's global network - covering 20% of the world's internet - which analyses over 10 trillion daily cyber events to offer a more detailed and contextualised view of ongoing attacks.

Other key features include:

• Built on Cloudflare Workers AI, the Threat Events Feed is designed to both scale and maintain resiliency during surges in data that reflect the unpredictable nature of attacks on the Internet.
• The Feed gives organisations unique visibility into the constant attack stream across the Internet, providing an attacker timelapse view that addresses the most relevant details of an attack.
• The Threat Events Feed also provides users with actionable indicators of compromise (IoCs) and event summaries, including the associated threat actor group, with profiles that break down methods and map tactics. This gives security teams context around the data gathered, allowing them to prioritise activity and focus limited resources on the most pressing threats. 

Please find the full press release below for further details and let me know if any questions.

For context, Cloudflare is a connectivity cloud platform protecting 20% of the world's internet. In Q4 2024, Cloudflare blocked an average of 997 million cyber threats per day targeting Australia.

Best,

Valencia

Cloudflare Expands Threat Intelligence Offering with New Comprehensive, Real-time Events Platform 

Customers can tap into insights from Cloudflare's global network - one of the largest in the world - which blocked an average of 227 billion cyber threats each day during Q4 2024

Sydney, March 20, 2025 - Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, today launched the Cloudforce One threat events platform to provide real-time intelligence on cyberattacks occurring across the Internet. Based on telemetry from Cloudflare's massive global network, Cloudforce One's threat events platform helps security teams get more done with the same resources by spotting issues faster, responding to threats quickly and staying one step ahead of how cybercriminals operate and what systems they target. 

Every day, cybercriminals change tactics, finding new vulnerabilities to exploit and ways to overwhelm their victims. What's more, cybercrime costs are projected to reach $10.5 trillion in 2025. For organisations to keep up, they need to understand the threat landscape they face. However, traditional threat intelligence feeds often lack meaningful or complete context for why a threat event was placed on the feed-similar to getting a warning without an explanation or path to resolution. Optimal threat intelligence feeds need to cut through the noise to deliver specific, actionable information about cybercriminals, emerging risks, and indicators of compromise (IoCs) that directly impact an organisation's security posture.

"Not all threat feeds are reliable or timely. The industry is plagued by insights that are stale or fragmented, significantly increasing organisations' chances of falling victim to hackers," said Matthew Prince, co-founder and CEO, Cloudflare. "Cloudflare has built one of the world's largest global networks, which positions us to be one of the only companies that has access to the most complete and accurate threat intelligence. Our unique robust visibility makes our threat events platform the most comprehensive option to move the needle."

Built on Cloudflare Workers AI, the threat events platform is designed to both scale and maintain resiliency during surges in data that reflect the unpredictable nature of attacks on the Internet. Starting today, the Cloudforce One threat events platform can help organisations:

Gain a single view of the constant attack stream across the Internet: Now, organisations will have access to an attacker timelapse view powered by threat insights no one else has, designed to answer strategic questions and drill down into the details of an attack. This approach ensures that users have access to the most relevant information at their fingertips.

Take action against today's sophisticated threat actors: Security teams can tap into personalised information for a specific environment, industry or region. Threat events provide users with actionable IoCs and event summaries, including the associated threat actor group, with profiles that break down methods and map tactics.

Boost efficiency and reaction speed of security teams: Threat events provide valuable context around the data gathered, allowing security teams to prioritise activity and focus limited resources on the most pressing threats. Businesses can significantly improve their threat intelligence ecosystem and overall security posture by routing and integrating the right threat intelligence into cybersecurity tools. 

"Organisations need actionable threat intelligence to understand the scale of threats they are up against, and how the aggression and techniques of hackers are evolving," said Blake Darché, Head of Cloudforce One, Cloudflare. "Most industry tools flood security teams with threat intelligence that's irrelevant, often leading to false positives and/or negatives. Cloudforce One's threat events platform keeps customers focused on the most pressing threats to their direct environment, from trivial risks up through complex use cases like the exploitation of CVEs or insider threats."