Employers might love generative AI—until an employee pastes internal financials or proprietary code into ChatGPT, Claude, or Gemini, and the company’s secrets float into the cloud.
Cloudflare, whose technology powers nearly 20% of the web, today rolled out AI oversight into its enterprise security platform, Cloudflare One. The feature gives IT teams instant visibility into who’s chatting with AI—and what they’re secretly feeding it. The company is positioning it as a kind of X‑ray eyes for employees’ generative AI usage, tucked into the dashboard the IT guys already use.
“Admins can now answer questions like: What are our employees doing in ChatGPT? What data is being uploaded and used in Claude? Is Gemini configured correctly in Google Workspace?” the company said in its blog post.
Shadow AI no more
Cloudflare says that three out of four employees use ChatGPT, Claude, or Gemini at work for everything from text edits and data crunching to debugging and design. The problem is that sensitive data usually disappears into AI tools without leaving a trace. Cloudflare’s product integrates at the API level and scans for questionable uploads.
According to the company, a rogue prompt can instantly train an external model with your confidential data, which is then gone forever.
Larger competitors in the enterprise security space—such as Zscaler and Palo Alto Networks—also offer AI oversight. Cloudflare claims that what sets Cloudflare One apart is its hybrid, agentless model. It combines out-of-band API scanning (for posture, configuration, and data leaks) with inline, edge-enforced prompt controls across ChatGPT, Claude, and Gemini—all without requiring software installation on endpoints.
A free speech absolutist
Cloudflare has long branded itself as a content-neutral infrastructure provider—not a moderator—meaning it generally refrains from policing what its clients publish, unless ordered to do so by law. This stance traces back over a decade: CEO Matthew Prince has emphasized that Cloudflare is not a hosting platform and doesn’t determine what content is permissible; instead, it simply ensures that websites—regardless of their ideology—stay online and protected.
This “free-speech absolutist” approach has drawn scrutiny. Critics note that Cloudflare has enabled hate-filled, extremist, or otherwise harmful sites to remain accessible—often solely because no authoritative request to drop them was made. A 2022 Stanford study found that Cloudflare disproportionately serves misinformation websites relative to its overall share of internet traffic.
Still, there have been rare reversals. In 2017, Cloudflare terminated services for white supremacist site The Daily Stormer—a controversial move, made only after the site falsely claimed Cloudflare secretly shared its pro-Nazi beliefs. Prince later described the decision as a reluctant exception, made under pressure that forced a break from their policy of neutrality.
Similarly, in 2019, Cloudflare dropped 8chan following its link to mass shootings, acknowledging that the community had become dangerously lawless.
More recently, in 2022, Cloudflare finally pulled support from Kiwi Farms amid mounting harassment, doxxing, and threats to human life. That shutdown came after activist-led pressure and reports of escalating violence.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
