Encrypting your WAF Payloads with Hybrid Public Key Encryption (HPKE)
Cloudflare has introduced encrypted Web Application Firewall (WAF) matched payload logging to provide better visibility into security events while ensuring user privacy. The feature logs only the malicious components of requests and encrypts them using a customer-provided key, preventing access by Cloudflare employees. It uses Hybrid Public Key Encryption (HPKE), an emerging standard developed in part by Cloudflare. This feature will be available to Enterprise customers in the coming months.
Company
Cloudflare
Date published
Dec. 11, 2020
Author(s)
Michael Tremante
Word count
618
Language
English
Hacker News points
3