The connectivity cloud that quietly became the default security fabric for the AI internet — sitting between every agent, every model, and every user.
www.cloudflare.com ↗Cloudflare was founded in 2009 by Matthew Prince, Michelle Zatlyn, and Lee Holloway, and is headquartered in San Francisco, CA. The company operates one of the world's largest distributed networks, spanning 330+ cities, and has evolved from a CDN and DDoS protection provider into a comprehensive connectivity cloud covering application security, network security, developer infrastructure, and AI tooling. Over 30% of the Fortune 1000 rely on Cloudflare for critical internet infrastructure.
Cloudflare closed FY2025 with revenue of $2.17 billion, a 30% year-over-year increase, and its largest-ever contract averaging $42.5 million annually. On the M&A front, it announced the acquisition of Replicate in November 2025 (bringing 50,000+ AI models to Workers AI), acquired Human Native in January 2026 to strengthen AI content licensing, and acquired Astro in January 2026 to expand its developer platform for AI-era web applications. The company expanded its collaboration with IBM in March 2026 to deliver AI security to IBM Cloud customers.
Cloudflare's technical differentiation in AI security stems from its network-layer vantage point: every request to an AI application already traverses Cloudflare's infrastructure for performance and DDoS protection, making AI security an additive layer rather than a separate deployment. AI Gateway provides a single proxy endpoint for managing, caching, rate-limiting, and securing LLM API traffic across providers. Firewall for AI detects prompt injection, jailbreak attempts, PII leakage, and toxic content inline. AI Security for Apps, launched as generally available in March 2026, adds discovery and protection for AI-powered applications behind Cloudflare's reverse proxy.
Cloudflare's position is structurally different from every other vendor in this category: it already sits in front of roughly 20% of the web, and the 'agentic internet' trend — where AI bots increasingly outnumber human users — plays directly into its hands. Every agent calling an LLM, every MCP request, every API invocation flows through infrastructure that Cloudflare either hosts (Workers AI) or protects (AI Security for Apps, Firewall for AI). The company does not need to be 'selected' for AI security the way a point solution does; it simply extends existing controls. For security architects, Cloudflare's unified platform means AI-specific signals (prompt injection attempts, PII exposure) are automatically correlated with broader threat context — something no standalone AI security product can offer at this scale. The IBM partnership signals enterprise channel momentum that smaller competitors cannot match.
Cloudflare competes with Zscaler in SASE/SSE, with Akamai in CDN/application security, and with AWS/Azure/Google in developer infrastructure. Its AI security suite puts it in direct competition with Netskope and Cato for enterprise AI governance, and with startups like Lakera and PromptArmor for LLM-specific threat detection. Cloudflare's decisive advantage is distribution: 5+ million paying customers already rely on its platform for web performance, making the incremental adoption of AI security a dashboard toggle rather than a procurement cycle. The company's 30%+ revenue growth at $2.2B scale, combined with a 48% RPO growth rate, signals that the AI platform pivot is resonating with enterprise buyers. Its primary limitation is the absence of endpoint and identity controls that Zscaler and Palo Alto offer for comprehensive zero trust architectures.
206 companies across 10 categories — the most comprehensive AI security company tracker.
Browse All Companies →