AI Security Mesh
Argus + Cloudflare

Cloudflare security in one mesh

Zone-level posture, WAF observability and edge-rule audits for every Cloudflare account you connect.

Connect CloudflareAll integrations
What Argus sees on Cloudflare

The specific signals, on this platform

Argus treats every platform with the depth it deserves — these are theCloudflare-specific signals the mesh produces.

Zone-level posture

Each connected Cloudflare zone is audited for DNS records, edge rules, security level, bot fight mode and rate-limiting configuration.

WAF and rule observability

Argus reads existing WAF rules and edge configurations to surface gaps and redundancy. It can also push rules under Auto-Protect once you authorise it.

Origin exposure

Argus checks for origin bypass paths — direct IP exposure, certificate misalignment, header echo — that would let an attacker reach the origin around the edge.

Set up in three steps

From zero to a mesh in under five minutes

Authorise the Cloudflare integration

Create an API token with the read scopes Argus requests and paste it into the integration. Optionally grant rule-write scope for Auto-Protect.

Select zones

Pick the zones you want covered. Argus indexes each and produces findings within minutes.

Decide on Auto-Protect

Choose whether Argus may push edge rules autonomously for the reversible class of actions (rate-limit a brute-forcer, block an IP) or whether every change requires your approval.

Findings you will see

What ends up in your queue

Missing or weak edge security rules
Origin exposure via direct IP or certificate misalignment
Rate-limit configuration gaps
Bot Fight Mode and WAF configuration drift
Read further

Topic hubs and audience pages

Cloud & CDN posture

The discipline this connector sits inside, with field notes from the team.

Attack surface management

The discipline this connector sits inside, with field notes from the team.

WordPress owners

How this connector fits the audience that uses it most.

Pricing

Unlimited targets on every paid tier. AI usage is what is metered.

Cloudflare FAQ

Questions, answered

Will Argus push rules without my permission?
No. Read-only by default. Rule pushes only happen when you turn on Auto-Protect explicitly and grant the rule-write scope. Disruptive rules surface a plain-language approval card before they run.
How does this compare to Cloudflare’s own security insights?
Cloudflare’s tab is good at zone-level signals. Argus correlates those with your source repo, your host and your CMS — so a WAF gap and a vulnerable WordPress plugin show up in the same incident.
Does it work with Cloudflare Workers?
Worker exposure (public routes, secret references) is on the roadmap. Today, Argus covers the zone and edge configuration; Worker source analysis is best done via the connected GitHub repo.
Can I revert anything Argus did?
Every protective action is logged with an undo token. One-click revert from the actions ledger.
What about Cloudflare for SaaS?
In design. The connector model is the same; the scope is what differs. Talk to us if you need it.
Does it audit DNS records?
Yes — records that point to abandoned services, takeover-prone CNAMEs, and missing CAA records. DNS takeover is one of the cheapest attacks; the mesh treats it as a first-class signal.

Connect Cloudflare in five minutes.

Findings start arriving within minutes.

Open Argus →Talk to us