← Back
Cloudflare
Cloudflare AI Security for Apps reaches general availability with free endpoint discovery
Cloudflare · releasefeaturesecurityplatform · blog.cloudflare.com ↗

AI Security for Apps Now Generally Available

Cloudflare has announced the general availability of AI Security for Apps, a security solution designed to protect AI-powered applications from emerging threats. The product addresses a critical gap in application security by defending against attacks unique to large language models (LLMs) and AI agents, such as prompt injection, sensitive data exposure, and unauthorized tool access.

Three Core Capabilities

The platform provides three key functions:

  • Discovery: Automatically identifies LLM-powered endpoints across web properties, regardless of hosting location or model provider
  • Detection: Analyzes prompts against multiple threat modules including prompt injection detection, PII exposure, and sensitive topic identification
  • Mitigation: Enables policy enforcement through the familiar Cloudflare WAF rule builder

Pricing and Availability

Endpoint discovery is now free for all Cloudflare customers, including Free, Pro, and Business plans. For Free plan users, discovery starts when navigating to the discovery page; paid plan customers receive automatic background discovery on a recurring basis. This democratizes visibility into AI deployments across the internet-facing application portfolio.

New Detection Features

The GA release introduces custom topic detection, allowing organizations to define business-specific threats. Financial services firms can detect discussions of particular securities, healthcare providers can flag patient data conversations, and retailers can identify competitor mentions—each configurable without requiring model retraining.

Strategic Partnerships

Cloudflare is expanding collaboration with IBM, which will deliver AI security to its cloud customers through Cloudflare's platform. Additionally, a partnership with Wiz provides mutual customers with unified visibility of their AI security posture across infrastructure and applications.

The solution recognizes that AI-powered applications present fundamentally different attack surfaces than traditional web apps: they accept natural language inputs and generate probabilistic outputs, making deterministic security rules insufficient.