← Back
Cloudflare
Cloudflare integrates Mastercard's RiskRecon for attack surface visibility, available Q3 2026
Cloudflare · featureintegrationsecurityapi · blog.cloudflare.com ↗

Attack Surface Discovery and Continuous Monitoring

Cloudflare is partnering with Mastercard to integrate RiskRecon attack surface intelligence directly into the Cloudflare dashboard. This new capability addresses a critical security gap: discovering domains and assets that organizations don't know exist. By continuously profiling the internet footprint of over 12 million organizations, the integration will automatically identify shadow IT, forgotten subdomains, and unauthorized cloud servers using only publicly accessible data—the same vantage point attackers use to find entry points.

Security Posture Intelligence

The integration will provide comprehensive security posture insights across multiple categories:

  • Software Patching: Detection of unpatched application servers, OpenSSL, CMS, and web servers
  • Application Security: Exposed CMS administration interfaces, unencrypted high-value systems, and malicious code detection
  • Web Encryption: SSL certificate issues including expiration, weak algorithms, and invalid subjects
  • Exposed Services: Identification of unsafe network services (databases, RDP, VNC) and IoT devices

According to Mastercard's analysis of 388,000 organizations, systems proxied through Cloudflare show significantly better security hygiene: 53% fewer software vulnerabilities, 58% fewer SSL/TLS issues, and 98% fewer instances of malicious behavior compared to unprotected systems.

Prioritization and Remediation

Discovered assets will be assigned criticality levels (High, Medium, Low) to help teams prioritize remediation efforts. High-criticality systems are those collecting sensitive data or running critical services, while medium and low designations account for proximity to sensitive assets and website type. Once discovered, organizations can immediately secure unprotected domains by routing them through Cloudflare's proxy to deploy WAF, DDoS protection, and other security controls without modifying the underlying applications.

Availability

The integration will be available for preview in the third quarter of 2026 for customers on pay-as-you-go and Enterprise plans within Cloudflare's Application Security suite.