Security
Cloudflare offers the following features to help secure your APIs:
- API Discovery
- Volumetric Abuse Detection
- Sequence Analytics
- Sequence Mitigation
- GraphQL malicious query protection
- JSON Web Tokens Validation
- Mutual TLS (mTLS)
- Schema Validation
Cloudflare's API Shield — together with other compatible Cloudflare products — helps protect your API from the issues detailed in the OWASP® API Security Top 10 ↗.
The following table provides examples of how you might match Cloudflare products to OWASP vulnerabilities:
OWASP issue | Example Cloudflare solution |
---|---|
Broken Object Level Authorization | Sequence Mitigation, Schema Validation, JWT Validation, Rate Limiting |
Broken Authentication | mTLS, JWT Validation, Exposed Credential Checks, Bot Management |
Broken Object Property Level Authorization | Schema Validation, JWT Validation |
Unrestricted Resource Consumption | Rate Limiting, Sequence Mitigation, Bot Management, GraphQL Query Protection |
Broken Function Level Authorization | Schema Validation, JWT Validation |
Unrestricted Access to Sensitive Business Flows | Sequence Mitigation, Bot Management, GraphQL Query Protection |
Server Side Request Forgery | Schema Validation, WAF Managed Rules, WAF Custom Rules |
Security Misconfiguration | Sequence Mitigation, Schema Validation, WAF Managed Rules, GraphQL Query Protection |
Improper Inventory Management | Discovery, Schema Learning |
Unsafe Consumption of APIs | JWT Validation, WAF Managed Rules |