Cloudflare takes AI Security for Apps to GA and expands AI endpoint discovery across plans
Original: AI Security for Apps is now generally available View original →
Cloudflare announced general availability for AI Security for Apps on March 11, 2026. The product is designed to sit in front of AI-powered applications, discover AI endpoints, detect threats such as prompt injection, PII exposure, and toxic topics, and then let teams enforce policy through Cloudflare’s existing WAF tooling. Cloudflare argues that AI applications and agents create a different security problem from traditional web apps because inputs and outputs are probabilistic, tool calls can trigger real actions, and malicious prompts can turn into immediate incidents.
The GA release adds two meaningful changes. First, AI endpoint discovery is now free for all Cloudflare customers, including Free, Pro, and Business plans, giving security teams visibility into where AI is already deployed. Second, Cloudflare added custom-topics detection so companies can define business-specific subjects they want to detect or control, rather than relying only on generic categories. The company also expanded its ecosystem position by announcing work with IBM Cloud Internet Services and a partnership with Wiz so customers can connect application-layer guardrails with a broader cloud AI-security view.
Why it matters
- Discovery is becoming a first-class AI security problem because many teams do not have a reliable inventory of AI endpoints and agent surfaces.
- The product reflects a push to merge AI-specific protections with familiar web-security controls instead of creating a separate operational stack.
- As more apps hand tool access to models, infrastructure vendors have a stronger opportunity to define the control plane for production AI security.
Cloudflare notes that the full protection suite is available for Enterprise customers, while lower-tier plans currently get the discovery layer first. It also says discovery works best when enough valid traffic is present to identify AI behavior accurately. Even with those limits, the announcement is important because it shows AI security maturing into a practical application-security category, focused less on abstract alignment debates and more on protecting live traffic, APIs, and agent workflows.
Related Articles
Cloudflare said on March 11, 2026 that AI Security for Apps is now generally available. The company also made AI endpoint discovery free across Free, Pro, and Business plans while adding custom topic detection and expanded policy controls.
Cloudflare made AI Security for Apps generally available on March 11, 2026 and opened AI endpoint discovery to all customers, including Free, Pro, and Business plans. The launch adds custom topic detection and folds AI-specific controls into the company’s existing reverse-proxy and WAF stack.
Claude products now touch real tools, so the risk question is shifting from model persuasion to execution boundaries. Anthropic says users approved about 93% of Claude Code permission prompts, a number that weakens human-in-the-loop defenses.
Comments (0)
No comments yet. Be the first to comment!