Dubai, United Arab Emirates: CloudFlare today announced its trust score for its CloudFlare application. This is a pioneering, transparent metric designed to enable organizations to evaluate SAAS and Generated AI (GEN AI) applications at scale. Scores will soon be available as part of a new suite of company AI Security Attitude Management (AI-SPM) capabilities on the CloudFlare One SASE platform, allowing IT and security administrators to identify trust levels associated with third-party SAAS and AI applications, and ultimately create policies informed by these trust scores.
The availability of SaaS and Gen AI applications has changed the way businesses operate, increasing collaboration and productivity across teams. However, increasing productivity means employees turn to unapproved SaaS and GEN AI applications, which increases risk and often dump sensitive data for a quick productivity victory.
The prevalence of “Shadow It” and “Shadow AI” creates multiple issues for security, IT, GRC, and legal teams. for example:
- GEN AI applications may train models with user input. This could make your own company information publicly available through third parties, competitors, or even clever attacks such as a rapid injection.
- Applications may hold user data for a long time, share data with third parties, have loose security practices, have data breaches or bankrupt, expose data sensitive to the best bidders.
- GEN AI applications can produce biased, insecure, or incorrect output, leading to non-compliance or poor business decisions.
Despite these issues, Gen AI's blanket ban won't work. They suppress innovation and push employee use underground. Instead, organizations need smarter controls.
Therefore, security, IT, IT and GRC teams face difficult challenges. How can each third-party application be properly evaluated without auditing and creating individual policies for everyone whose employees may decide to interact with? And at the rate at which they are multiplying – how can they hope to keep up with all of them?
CloudFlare application reliability scores are transparent, understandable, and accountable metrics that measure app safety, security, and data protection. It is designed to provide Seculity, IT, Legal and GRC teams with a rapid way to assess the rapidly growing space of AI applications.
The score is not based on vibes or black boxes “learning algorithms” or “artificial intelligence engines.” Instead, the score is calculated against an objective rubric that is published in the CloudFlare developer documentation and kept up to date.
As AI applications emerge at an unprecedented pace, the issue of “Shadow AI” strengthens traditional risks associated with Shadow IT. Shadow IT applications create risk when user data is held for a long time, loose security practices, financially unstable, or widely shared with third parties. On the other hand, AI tools create new risks when retaining and training user prompts, or generate biased, toxic, inaccurate or unsafe responses. To separate these different risks, CloudFlare offers two different scores.
- Application Trust Score (5 points) covers the maturity of common SaaS,
- The Gen-AI trust score (5 points) focused on the risks inherent in GEN AI.
The company has chosen to focus on two separate areas to make the metrics scalable (which will allow CloudFlare to apply to applications that are not focused on Gen AI in the future).
CloudFlare is actively improving its scoring methodology. To that end, the company works with a diverse group of experts in the AI ecosystem (including researchers, legal experts, SOC teams, and more) to fine-tune scores and optimize for transparency, accountability and scalability.
By prioritizing transparency in its approach, CloudFlare not only bridges the critical gap in SASE capabilities, but also drives the industry towards stronger AI safety practices.
Comprehensive information on the reliability scores for new CloudFlare applications can be found on this blog.
About CloudFlare
Cloudflare, Inc. (www.cloudflare.com/@cloudflare) is on the task of helping you build a better internet. CloudFlare's set of products protect and accelerate your internet applications online without adding hardware, installing software, or changing lines of code. CloudFlare-powered Internet properties have all web traffic routed over an intelligent global network, making it smarter with each request. The result is a significant improvement in performance and a reduction in spam and other attacks. CloudFlare was named to Antrepreneur Magazine's Top Company Culture 2018 list, and in 2019 Fast Company ranked it as the world's most innovative company. CloudFlare is headquartered in San Francisco, California, with New York, Illinois, New York, New York, San Os, California, Seton, Washington, London, London, London, Singapore, Sydney and Tokyo.
