Announcing Claude Compliance API support with Cloudflare CASB

Applications of AI
Michael Lewis


Today, we’re expanding the capabilities of Cloudflare. Cloud Access Security Broker (CASB) support Claude Compliance API. Security and compliance teams can now monitor Claude usage directly in the Cloudflare dashboard. No endpoint agent required.

Enterprise security teams have long struggled to understand how users interact with sanctioned and unsanctioned applications. The rapid adoption of AI applications has made this even more difficult. Employees spend more time in these new surface areas, and their interactions differ from traditional SaaS. Users upload files and share free-form prompts, and providers generate content that may contain sensitive data.

Cloudflare CASB Please help resolve this issue. A single API integration provides out-of-band visibility and control over the applications your organization uses. This integration builds on existing support. AI governanceexpands the scope of the most common tools security teams currently manage.

Shortcuts to safely deploying AI

AI adoption is outpacing security governance. IT and security teams raced to enable AI tools to increase productivity, but control was slow. Most organizations today operate with partial visibility. This means that while you can block unauthorized AI tools at the network layer, you cannot see what is happening inside authorized AI tools.

This is important because AI tools are different from traditional SaaS applications. They are conversational, persistent, and deeply integrated into workflows through APIs and agent frameworks. Employees may paste customer data into prompts. Developers can accidentally share an API key and leave it unupdated for months. AI applications can generate content that contains trade secrets. Each of these actions creates compliance risks that traditional security tools cannot detect.

Organizations are rapidly adopting AI, but these tools require a different security model. It’s not just about reading data. Generate it in a single workflow, process it based on it, and connect it to multiple systems of record. Security must cover the entire lifecycle, from how an application calls APIs to the data it processes and where that data is stored. Cloudflare gives organizations the tools to do this at any point in their workflow.

  • Cloudflare AI Gateway It sits between your application and an AI provider like Anthropic, providing observability of requests, token spend, and model performance. This allows administrators to apply rate limits, cache responses, and make fine-grained routing decisions.

  • cloudflare gateway and Data loss prevention Inspect AI traffic for sensitive data and block prompts containing personally identifiable customer information or sensitive material before they reach your models.

  • Access to Cloudflare and MCP Server Portal Centralize agent connectivity to corporate tools behind a single, protected endpoint. Administrators control which users and agents can access which systems, and all requests are logged for auditing.

  • Cloudflare CASB Now we extend this same unified approach to data at rest within Claude, scanning for misconfigurations and sensitive data without the use of endpoint agents.

These functions run in parallel on the same metal, with each service fulfilling both functions. Configurable and programmable. More importantly, it means your traffic doesn’t have to hairpin through multiple vendors or clouds to be protected.

Greater insight and control with Cloudflare CASB

Cloudflare CASB helps organizations connect, scan, and monitor third-party SaaS applications for misconfigurations, inappropriate data sharing, and other security risks through lightweight API integrations. Organizations can regain visibility and control over their growing investments in SaaS apps.

As enterprises deploy Claude at scale, security and compliance teams need to understand its usage, just like any other enterprise application in the stack. Anthropic recognized this gap and built the Claude Compliance API to give companies programmatic access to security-related data about Claude organizations, workspaces, and usage.

Cloudflare CASB now leverages this endpoint to uncover actionable security results without the need for inline traffic inspection or endpoint agents.

What the Claude Compliance API reveals

This integration allows Cloudflare One customers to monitor Claude Enterprise activity using the detection and remediation workflows they already utilize. Cloudflare CASB is Compliance API Scan for security findings.

Starting today, Cloudflare supports security findings for the following assets:

  • Projects: Discover projects shared across your entire organization or a subset of users or groups.

  • Project Attachments: Files and documents added to projects that violate DLP policies

  • Chat files: User-uploaded and provider-generated files that violate DLP policies

  • Chat messages: User prompts and provider responses that violate DLP policies

  • Artifacts: Provider-generated documents and files that violate DLP policies

These results are displayed directly on your Cloudflare dashboard, along with posture and content results from other SaaS applications. The findings are grouped and ordered by category. severity level. Security teams can prioritize, assign, and remediate cloud-specific risks using the same workflows they use in Microsoft 365, Google Workspace, and Salesforce.

Support for Claude Enterprise and Claude Platform

for claude enterpriseCASB uncovers compliance data for organizations, projects, chats, roles, and more. It also captures conversation content, such as messages and uploaded files, through a dedicated read-only endpoint to prevent data loss.

for Claude PlatformCASB will continue to show member and workspace changes, API key creation, and file creation or download events. We plan to add support for activity feeds in the near future.

CASB translates findings into action. A security detection discovered by Claude, such as a user uploading a file containing sensitive data, can become a gateway policy in minutes. Gateways allow you to block specific users from uploading to Claude, restrict access to your application entirely, or limit functionality until the issue is resolved. This moves security teams from visibility to action by combining CASB findings with Cloudflare’s existing inline policy engine.

To enable Claude Compliance API integration:

  1. Make sure you have a Claude Enterprise account.

  2. Request compliance API access from your organization’s Claude.

  3. In your Cloudflare dashboard, go to Zero Trust > Integrations > Cloud & SaaS.

  4. [統合の追加]>[Anthropic]and enter your compliance API key.

  5. Configure a DLP profile if you want to scan uploaded files for sensitive data.

The integration will start scanning immediately and display results on your dashboard within minutes.

If you’re a new Cloudflare customer, you can: sign up The first two integrations are free to get started. Existing customers can enable the integration directly in their dashboard.

We continue to expand our CASB coverage of AI tools as providers release new enterprise security APIs. We are also increasing integration within CASB so that customers can create custom findings and build workflows to automatically remediate security findings.

The transition to agent AI is here, and we believe the best way to help organizations securely deploy agent AI is by providing a unified platform to build, deploy, and manage agents. To get the latest information, Developer documentation or Subscribe Updated automatically.



Source link

Related Posts

Data Curation: The Key to Intelligent…

Michael Lewis

Sendbird launches SmartAssistant, the first no-code generative AI chatbot for web and mobile apps

Michael Lewis

5 Bad ChatGPT Mistakes to Avoid

Michael Lewis