New Integration Bridges Discovery and Remediation Gap

Cloudflare is partnering with Mastercard to integrate RiskRecon's attack surface intelligence capabilities into the Cloudflare dashboard. The integration, launching in Q3 2026, will enable continuous discovery and monitoring of Internet-facing assets that escape internal security audits—including shadow IT, forgotten subdomains, and unauthorized cloud servers.

How It Works

The integration combines Mastercard's outside-in attack surface scanning (which doesn't require credentials) with Cloudflare's ability to remediate discovered vulnerabilities. Organizations can identify unprotected shadow assets and immediately route them through Cloudflare's proxy to deploy security controls without modifying underlying infrastructure. Mastercard's scanner checks for common exploitation vectors including:

• Unpatched software (application servers, OpenSSL, CMS, web servers)
• Weak or expired SSL/TLS certificates
• Exposed databases and remote access services (RDP, VNC, SQL Server)
• Missing authentication on admin interfaces
• Malicious code and botnet communications

Measurable Security Improvements

Analysis of approximately 388,000 organizations and 18 million systems shows organizations using Cloudflare proxy have significantly better security posture than those that don't:

• 53% fewer software vulnerabilities in patching compliance
• 58% fewer SSL/TLS issues in web encryption
• 98% fewer malicious behaviors (botnet communications, phishing hosting)

What Developers and Security Teams Need to Know

Security Insights will surface discovered assets with criticality levels (High/Medium/Low) assigned based on whether they handle sensitive data, require authentication, or run critical services. Pay-as-you-go and Enterprise Cloudflare customers can preview the integration starting Q3 2026. This addresses a critical gap where organizations cannot protect assets they don't know exist.