Source URL: https://blog.cloudflare.com/cloudflare-radar-ddos-leaked-credentials-bots/
Source: The Cloudflare Blog
Title: Extending Cloudflare Radar’s security insights with new DDoS, leaked credentials, and bots datasets
Feedly Summary: For Security Week 2025, we are adding several new DDoS-focused graphs, new insights into leaked credential trends, and a new Bots page to Cloudflare Radar.
AI Summary and Description: Yes
Summary: The text describes Cloudflare's ongoing additions to its security analysis tools, covering the launches from Security Week 2023 and 2024 and the upcoming initiatives for 2025. Key features include enhancements to URL scanning, email security monitoring, DDoS attack mapping, and credential leakage detection. This information is especially relevant for security and compliance professionals aiming to stay ahead of emerging threats and utilize robust protective measures.
Detailed Description:
The text discusses Cloudflare’s developments in their security services, focusing on how the Cloudflare Radar tool has evolved to enhance visibility and protection against threats. Here are the major points covered:
– **Product Launches and Innovations:**
  – **URL Scanner (2023)**: A tool enabling users to scan URLs for safety assessments.
  – **Email Security Page (2024)**: This page highlights the risks from malicious emails, spam analysis, and adoption of email authentication standards like SPF, DMARC, and DKIM.
  – **DDoS-Focused Enhancements (2025)**: New graphs and insights will be introduced, and additional focus will be placed on leaked credential trends.
– **Layered Security Structure:**
  – The restructured Security & Attacks page now features distinct Application Layer and Network Layer sections to help users navigate attack data more efficiently.
  – Insights encompass both HTTP-based and network-related attack traffic.
– **Geographical and Network Insights on DDoS Attacks:**
  – A choropleth map visualizes the geographic distribution of DDoS attack sources and targets.
  – Quarterly reports have historically tracked the origins and targets of application layer DDoS attacks, with notable findings about cloud provider concentrations.
– **Credential Leakage Detection:**
  – Cloudflare introduced a privacy-preserving checker for scanning authentication requests for known compromised credentials.
  – Data indicates a high percentage of leaked credentials being used in authentication requests, hinting at persistent issues like password reuse.
– **Bot Traffic Analysis:**
  – A new dedicated Bots page has been launched to monitor bot vs. human HTTP requests.
  – The analysis of bot traffic trends reveals that a significant portion of authentication requests may still come from bots, potentially indicating automated attack strategies.
– **Macro-Level Perspective on Security Trends:**
  – Cloudflare Radar enables users to access both individual customer security trends and aggregated insights across the network, aiding in proactive threat management.
  – Data is available through the Radar API and can be visualized via Radar's Data Explorer.
Overall, Cloudflare’s advancements offer robust capabilities for security professionals looking to enhance their defenses against evolving internet threats. The detailed insights, maps, and data sharing capabilities can empower organizations to better understand their security posture in the context of larger threat landscapes.