Cloudflare changelogs | CASB

CASB - Understand CASB findings instantly with Cloudy Summaries

Fri, 20 Feb 2026 00:00:00 GMT

You can now easily understand your SaaS security posture findings and why they were detected with Cloudy Summaries in CASB. This feature integrates Cloudflare's Cloudy AI directly into your CASB Posture Findings to automatically generate clear, plain-language summaries of complex security misconfigurations, third-party app risks, and data exposures.

This allows security teams and IT administrators to drastically reduce triage time by immediately understanding the context, potential impact, and necessary remediation steps for any given finding—without needing to be an expert in every connected SaaS application.

To view a summary, simply navigate to your Posture Findings in the Cloudflare One dashboard (under Cloud and SaaS findings) and open the finding details of a specific instance of a Finding.

Cloudy Summaries are supported on all available integrations, including Microsoft 365, Google Workspace, Salesforce, GitHub, AWS, Slack, and Dropbox. See the full list of supported integrations here.

Key capabilities

Contextual explanations — Quickly understand the specifics of a finding with plain-language summaries detailing exactly what was detected, from publicly shared sensitive files to risky third-party app scopes.
Clear risk assessment — Instantly grasp the potential security impact of the finding, such as data breach risks, unauthorized account access, or email spoofing vulnerabilities.
Actionable guidance — Get clear recommendations and next steps on how to effectively remediate the issue and secure your environment.
Built-in feedback — Help improve future AI summarization accuracy by submitting feedback directly using the thumbs-up and thumbs-down buttons.

Learn more

Learn more about managing CASB Posture Findings in Cloudflare.

Cloudy Summaries in CASB are available to all Cloudflare CASB users today.

CASB - New SaaS Security weekly digests with API CASB

Fri, 14 Nov 2025 00:00:00 GMT

You can now stay on top of your SaaS security posture with the new CASB Weekly Digest notification. This opt-in email digest is delivered to your inbox every Monday morning and provides a high-level summary of your organization's Cloudflare API CASB findings from the previous week.

This allows security teams and IT administrators to get proactive, at-a-glance visibility into new risks and integration health without having to log in to the dashboard.

To opt in, navigate to Manage Account > Notifications in the Cloudflare dashboard to configure the CASB Weekly Digest alert type.

Key capabilities

At-a-glance summary — Review new high/critical findings, most frequent finding types, and new content exposures from the past 7 days.
Integration health — Instantly see the status of all your connected SaaS integrations (Healthy, Unhealthy, or Paused) to spot API connection issues.
Proactive alerting — The digest is sent automatically to all subscribed users every Monday morning.
Easy to configure — Users can opt in by enabling the notification in the Cloudflare dashboard under Manage Account > Notifications.

Learn more

Configure notification preferences in Cloudflare.

The CASB Weekly Digest notification is available to all Cloudflare users today.

CASB - CASB introduces new granular roles

Tue, 28 Oct 2025 00:00:00 GMT

Cloudflare CASB (Cloud Access Security Broker) now supports two new granular roles to provide more precise access control for your security teams:

Cloudflare CASB Read: Provides read-only access to view CASB findings and dashboards. This role is ideal for security analysts, compliance auditors, or team members who need visibility without modification rights.
Cloudflare CASB: Provides full administrative access to configure and manage all aspects of the CASB product.

These new roles help you better enforce the principle of least privilege. You can now grant specific members access to CASB security findings without assigning them broader permissions, such as the Super Administrator or Administrator roles.

To enable Data Loss Prevention (DLP), scans in CASB, account members will need the Cloudflare Zero Trust role.

You can find these new roles when inviting members or creating API tokens in the Cloudflare dashboard under Manage Account > Members.

To learn more about managing roles and permissions, refer to the Manage account members and roles documentation.

CASB - New CASB integrations for ChatGPT, Claude, and Gemini

Tue, 26 Aug 2025 16:00:00 GMT

Cloudflare CASB now supports three of the most widely used GenAI platforms — OpenAI ChatGPT, Anthropic Claude, and Google Gemini. These API-based integrations give security teams agentless visibility into posture, data, and compliance risks across their organization’s use of generative AI.

Key capabilities

Agentless connections — connect ChatGPT, Claude, and Gemini tenants via API; no endpoint software required
Posture management — detect insecure settings and misconfigurations that could lead to data exposure
DLP detection — identify sensitive data in uploaded chat attachments or files
GenAI-specific insights — surface risks unique to each provider’s capabilities

Learn more

These integrations are available to all Cloudflare One customers today.

Data Loss Prevention, CASB, Cloudflare One - Data Security Analytics in the Zero Trust dashboard

Mon, 23 Jun 2025 09:00:00 GMT

Zero Trust now includes Data security analytics, providing you with unprecedented visibility into your organization sensitive data.

The new dashboard includes:

Sensitive Data Movement Over Time:
- See patterns and trends in how sensitive data moves across your environment. This helps understand where data is flowing and identify common paths.
Sensitive Data at Rest in SaaS & Cloud:
- View an inventory of sensitive data stored within your corporate SaaS applications (for example, Google Drive, Microsoft 365) and cloud accounts (such as AWS S3).
DLP Policy Activity:
- Identify which of your Data Loss Prevention (DLP) policies are being triggered most often.
- See which specific users are responsible for triggering DLP policies.

To access the new dashboard, log in to Cloudflare One and go to Insights on the sidebar.

CASB - Find security misconfigurations in your AWS cloud environment

Fri, 22 Nov 2024 00:00:00 GMT

You can now use CASB to find security misconfigurations in your AWS cloud environment using Data Loss Prevention.

You can also connect your AWS compute account to extract and scan your S3 buckets for sensitive data while avoiding egress fees. CASB will scan any objects that exist in the bucket at the time of configuration.

To connect a compute account to your AWS integration:

In Cloudflare One, go to Cloud & SaaS findings > Integrations.
Find and select your AWS integration.
Select Open connection instructions.
Follow the instructions provided to connect a new compute account.
Select Refresh.

Access, Browser Isolation, CASB, Cloudflare Tunnel for SASE, Digital Experience Monitoring, Data Loss Prevention, Email security, Gateway, Multi-Cloud Networking, Cloudflare Network Firewall, Network Flow, Magic Transit, Cloudflare WAN, Network Interconnect, Risk Score, Cloudflare One Client - Explore product updates for Cloudflare One

Sun, 16 Jun 2024 00:00:00 GMT

Welcome to your new home for product updates on Cloudflare One.

Our new changelog lets you read about changes in much more depth, offering in-depth examples, images, code samples, and even gifs.

If you are looking for older product updates, refer to the following locations.

Older product updates