Cloudflare has committed to securing its software systems through its participation in the United States Cybersecurity and Infrastructure Agency's (CISA) Secure-by-Design pledge. The company aims to reduce entire classes of vulnerabilities by implementing a proactive detection and prevention strategy, which includes building secure defaults, leveraging automation, and empowering developers. Cloudflare's focus on addressing vulnerability classes such as injection and secrets has led to significant reductions in these types of threats, with notable decreases in secrets in code and potential SQL injection and code injection vulnerabilities. The company will continue to mature its security practices, including providing secure frameworks, threat modeling at scale, and integrating automated security tooling into the software development lifecycle. By following CISA's principles, Cloudflare is committed to creating resilient systems where security is not just a feature but a foundational principle.