Cloudforce One

Note

You must have a Cloudforce One subscription to access Cloudforce One on the dashboard.

Cloudforce One is a threat intelligence solution that offers threat research reports, brand protection, Request for Information (RFIs), and more.

Cloudforce One Requests

Cloudforce One allows you to review and manage Request for Information (RFIs) from the dashboard.

To review and manage Request for Information:

1. Log in to the Cloudflare dashboard ↗ and select your account.
2. Go to Security Center > Cloudforce One Requests, then populate the required fields.

Submit RFIs

To submit RFIs (Request for Information):

1. Log in to the Cloudflare dashboard ↗ and select your account.
2. Select Cloudforce One Requests > Select New Request.
3. Fill in the required fields, then select Save.

Once you select Save, the dashboard will display an overview of the shared information consisting of:

• Status: When you submit the RFI, the status is Open. Once the team accepts the RFI, the status changes to Accept. When the team commits to answer your RFI, the status changes to Complete.
• Priority: Priority of request.
• Request type: Choose among a selection of request types, such as DDos Attack, Passive DNS Resolution, and more.
• Request content: The content of the request.

The Responses section allows you to add clarifying questions and comments.

To view your RFI, select Cloudforce One Requests on the sidebar, locate your RFI, then select View. From here, you can also choose to edit your existing RFI by selecting Edit.

Upload and download attachment

You can also choose to upload and download an attachment.

Under Attachments, select the file you want to upload, then select Save.

To download an attachment, select Download on the attachment.

Analyze threat events

Threat events allow you to protect your assets and respond to emerging threats.

To access and analyze threat intelligence data on the dashboard:

1. Log in to the Cloudflare dashboard ↗ and select your account.
2. Select Security Center > Threat Intelligence.

You can filter Threat Events by:

• Attacker
• Attacker Country
• Target Country
• Target Industry
• TLP (Traffic Light Protocol)
• Indicator Type
• Kill Chain ↗
• Tags
• Event Category

You can also filter by Date range.

Some events will not display Target Country and Target Industry because they are unknown information. There may be situations where the attacker's information is unknown. When Cloudflare finds a new attacker, the attacker will be assigned a new name.