Cloudflare has announced an expanded set of security features for its Zero Trust platform, Cloudflare One, to help enterprises adopt generative AI safely and efficiently. This move highlights the increasing adoption of generative AI across industries for various purposes, including marketing, customer support, product design, and software engineering.
However, many companies lack the necessary protections to mitigate significant security and privacy risks. Cloudflare’s new offerings aim to fill this gap, positioning the company as both a security partner and an enabler of large-scale enterprise AI adoption.
The rapid adoption of generative AI has led employees to explore tools that enhance workflows and foster innovation. Yet, unmonitored use of these technologies has introduced vulnerabilities. Risks include employees sharing sensitive company data with public chatbots or using AI-driven applications without corporate security oversight. Cloudflare’s new features are designed to provide enterprises with visibility into AI usage while offering enforcement tools to protect company data and systems.
“Cloudflare is the best place to help any business roll out AI securely,” said Matthew Prince, CEO and co-founder of Cloudflare. “We are the only company today that can offer the security of a Zero Trust platform with a full set of AI and inference development products – all backed with the scale of a global network. The world’s most innovative companies want to pull the AI lever to move, build, and scale fast, without sacrificing security. We are in a unique position to help power that innovation—and help bring AI to all businesses safely.”
A key part of the launch is AI Security Posture Management (AI-SPM), a toolset within Cloudflare One that provides security leaders with real-time insights into AI usage across the enterprise. Through Cloudflare’s Shadow AI Report, organizations can determine not only if employees are using AI applications but also which specific services are being accessed and how. Cloudflare argues that this level of visibility is crucial for developing policies that support safe usage without imposing blanket bans that hinder productivity.
Cloudflare Gateway would further extend these protections by enabling companies to enforce AI-related security policies directly at the network edge. Organizations can block unapproved applications, limit sensitive data uploads, or mandate review processes before AI tools are approved for use. Another feature, AI Prompt Protection, allows companies to analyze prompts and responses in real time. This helps identify potentially risky interactions, such as employees inputting proprietary source code into an external AI tool, and enables inline interventions ranging from warnings to outright blocking.
The company has also introduced Zero Trust MCP Server Control, designed to provide visibility into how AI models interact with third-party tools and services. By consolidating all MCP (model context protocol) server calls into a single dashboard, organizations can achieve granular oversight of AI-driven workflows that extend beyond their core environment. Security teams can then establish user-level policies to manage these requests, ensuring consistency and compliance across departments and geographies.
These additions underscore Cloudflare’s ambition to make AI-ready security a core part of its Zero Trust strategy. As more enterprises seek to leverage generative AI for competitive advantage, they face the dual challenge of fostering innovation while maintaining compliance, resilience, and trust. Cloudflare’s move positions the company to meet that demand by offering an integrated solution that combines global scale, Zero Trust architecture, and AI-specific safeguards.
The update comes as enterprises rapidly recalibrate their IT strategies around generative AI. Cloudflare’s message is clear: security must evolve alongside adoption, and without integrated visibility and controls, organizations risk exposure to breaches and compliance violations. By embedding AI oversight into its core Zero Trust platform, Cloudflare is betting that companies will increasingly view secure AI deployment not as optional but as foundational to business transformation.
