Cloudflare has partnered with Wiz, now part of Google Cloud, to help organisations secure AI-powered applications across their environments. The integration combines Cloudflare’s AI Security for Apps with the Wiz Security Graph to improve visibility, reduce shadow AI risks and strengthen AI security management.
Organizations are shipping AI-powered features faster than security teams can track them. Every new chatbot, copilot, or AI-powered search endpoint is a potential attack surface vulnerable to prompt injection, sensitive data exfiltration, and abuse. The challenge is knowing which ones exist across your web properties, whether they have security guardrails in place, and whether those guardrails are actually working. To help organizations understand their AI footprint and whether they have the necessary guardrails in place, CISOs need a single source of truth where they can better understand and secure their AI and cloud infrastructure.
The integration helps customers autonomously eliminate AI blind spots across their infrastructure, allowing security teams to safely accelerate AI adoption. Cloudflare’s AI Security for Apps equips organizations with guardrails at the edge to secure AI endpoints from risks such as prompt injection and unsafe topics, while Wiz’s AI Application Protection Platform (AI-APP) simultaneously maps the complete AI application and surfaces the security gaps. By integrating Cloudflare’s security rules into the Wiz Security Graph, security teams can prioritize risks based on exploitability. As a result, CISOs gain visibility into the LLMs operating across their web properties and runtime controls to enforce policies. Cloudflare and Wiz are model and host-agnostic, protecting endpoints regardless of the LLM or cloud provider.
“AI is the most transformative technology we’ve seen in a generation, powering countless capabilities. But for a majority of businesses, it can be a black box. When talking with CISOs today, they are struggling with the balance of being an enabler of innovation with AI, while combating uncontrolled shadow AI across their organization because their legacy security tools are effectively useless at this level,” said Tom Evans, Chief Partner Officer at Cloudflare. “The Cloudflare and Wiz partnership helps tackle this trade-off. Now, we are delivering a solution to allow innovation with AI at speed, without the worry that their most sensitive data will be exposed.”
“Security alignment isn’t just about reducing risk, it’s an enabler of AI application development,” said Oron Noah, VP of Product, Extensibility & Partnerships at Wiz. “By combining Wiz’s end-to-end visibility with Cloudflare’s edge protections, we close a critical gap in how AI risk is managed. This partnership gives organizations a unified view of AI application endpoints and shared risk context, helping them stop threats like prompt injection and shadow AI before they start.”
Cloudflare’s partnership with Wiz empowers customers to:
- Discover Shadow AI: identify all LLM endpoints across your web properties, including ones deployed without security team involvement, and understand which are protected and which are exposed.
- Inspect AI Traffic In Real Time: Cloudflare AI Security for Apps runs detections on every request to LLM endpoints to identify and mitigate PII leakage, prompt injection, and custom-defined topics. These detections run in parallel across Cloudflare’s global network, without adding latency to AI traffic.
- Map Sensitive Data Flows: Wiz maps data flows between AI applications, models, and data stores onto its Security Graph, giving security teams visibility into where sensitive data interacts with AI workloads to help teams prioritize remediation.
- Verify Guardrails: Wiz verifies that AI deployments are protected by Cloudflare’s AI Security for Apps. If guardrails are missing or misconfigured, Wiz alerts teams for direct remediation within the Cloudflare platform.
- Prioritize Remediation: The integration surfaces which unprotected AI endpoints have access to sensitive data or production systems, so security teams fix the highest-risk gaps first.
The partnership delivers a seamless integration without needing custom workflows or additional agents to deploy. Cloudflare’s detections run inline on its global network, one of the largest and most interconnected in the world, so organizations gain AI security without architectural changes or performance trade-offs.
