Comment by mike_d

3 days ago

Remember that Cloudflare does a MITM on every connection to every website they front.

CF not only protects them... they have real time intelligence on who is getting attacked, who is paying for it, and all the parameters of the attack (type, volume, duration, etc).

What would your sales team give for leads this hot?

5 comments

mike_d

gruez 3 days ago

>they have real time intelligence on [...] who is paying for it,

This is credible as "amazon has real time intelligence on all their e-commerce competitors because they operate AWS".

stevenally 3 days ago

It's true though, isn't it.... The question is do they use it?
jsiepkes 3 days ago
It would be way more complex for AWS to look at data in VM's then for cloudflare to look at unencrypted HTTP traffic. Heck they probably already do for various monitoring.
- gruez 3 days ago
  
  >It would be way more complex for AWS to look at data in VM's then for cloudflare to look at unencrypted HTTP traffic.
  Most enterprises aren't using AWS as a VPS provider. They're going to be using other products like API gateway, ELB, or WAF, all of which expose traffic for easy analysis. Even if for whatever reason they are, the pareto principle applies. They don't need to care about the long tail of e-commerece vendors out there, only the whales. For that, they can just get an intern (or nowadays, LLM) to dump out the disk and manually dissect whatever's on there.