← Back
Cloudflare
Cloudflare CASB adds automated remediation for file-sharing risks across Microsoft 365 and Google Workspace
Cloudflare WorkersCloudflare · featuresecurityapiplatform · blog.cloudflare.com ↗

Automated Remediation Now Live

Cloudflare has launched Remediation for its Cloud Access Security Broker (CASB), enabling customers to automatically fix file-sharing risks directly from the CASB Findings dashboard. Previously, CASB provided visibility into risky configurations—public links, organization-wide shares, and external oversharing—but required manual remediation through individual SaaS app admin consoles or ticketing systems. This release closes that loop with one-click fixing.

What Gets Fixed

The initial remediation capabilities focus on the highest-impact file-sharing risks:

  • Public links that allow internet-wide viewing or editing
  • Organization-wide sharing on files that should be restricted to specific users
  • External sharing to personal accounts and domains outside the organization
  • Sensitive data matches against configured DLP profiles (documents containing credentials, financial records, or customer data)

Remediation exclusively removes risky sharing configurations without deleting files or changing ownership—a careful design choice to prevent unintended data loss.

Supported Platforms

The feature launches with support for Microsoft 365 (OneDrive and SharePoint) and Google Workspace (Docs, Sheets, Slides, Drive). These platforms host the bulk of business-critical documents in most organizations, making them the natural starting point.

Architecture & Performance

Cloudflare built the remediation system using its own infrastructure stack: Workers, Workflows, Queues, Workers KV, Secrets Store, and Hyperdrive. The architecture prioritizes speed, durability, and reliability at scale:

  • Average remediation completion time: 48 seconds (p50), 72 seconds (p90)
  • Native retry handling for third-party API rate limits
  • All actions logged in Cloudflare One's Admin logs for audit trails and SIEM integration

Next Steps

Every remediation action is fully auditable through Cloudflare One's admin logging, allowing security teams to track who fixed what and when. The company indicates major CASB updates are planned for the coming year.