cybersecurity
Enterprise

Why Matthew Prince thinks AWS is Cloudflare's biggest security rival

Cloudflare versus Palo Alto Networks may be the matchup to watch in the short-term. But “if you fast-forward 10 years from now, I'm not sure that there are stand-alone security players,” Prince said in an interview with Protocol.

A photo of Matthew Prince in a blazer

"At some level, all security is just data analysis. And whoever has the most data … is able to most quickly spot the trends, most quickly spot threats, most quickly stay ahead of it," Cloudflare CEO Matthew Prince told Protocol.

Photo: Cloudflare

As Cloudflare seeks to become a leading vendor in the fast-growing zero-trust security market, it's increasingly going head-to-head with major industry players such as Palo Alto Networks and Zscaler.

“But really, who we think we're competing with over the long-term is AWS,” Cloudflare co-founder and CEO Matthew Prince told Protocol in a recent interview, given the way that both companies are evolving to offer a wide range of services that businesses need to operate — security services among them. The ability to procure a wide range of cloud-based services from a single vendor will be more and more crucial to customers going forward, he predicted.

Prince also discussed what he sees as Cloudflare's advantages as it looks to expand from its roots in application security and into zero trust, which has become a top priority for many enterprises looking to provide secure application access to their distributed workforce. Cloudflare told Protocol that more than 15% of its paying customer base — or, more than 23,000 customers — have now adopted at least one of its zero-trust services.

This interview has been edited and condensed for clarity.

Cloudflare is known for frequently sharing some of the earliest details about major cyber incidents. How are you able to beat out the many other organizations who are also tracking this sort of thing?

At some level, all security is just data analysis. And whoever has the most data — from the most different sources — is able to most quickly spot the trends, most quickly spot threats, most quickly stay ahead of it. And so I don't think it's a surprise that when we were doing an analysis on Log4j, the earliest indications of the [vulnerability] being exploited were picked up by us. We were ahead of everyone else. Same thing was true when the Atlassian [Confluence] exploit from [early June] went around — we found the earliest instances of when it was exploited. And that's because we've got such a broad base. It's north of 20% of all of the web that sits behind us. That gives us just an unparalleled view.

In terms of your security services, what are the areas where Cloudflare wants to compete? Are there areas you don’t plan to get into?

[For securing customers today] there's a big component around identity, and we don't play in that space. There are a bunch of [companies] that do identity well, and we partner with all of them. There's a role for endpoint security and antivirus, and we don't play in that space either. But we partner with almost everyone in it.

Then between those two things, there's a role for network security. We want to play in every part of that space. That means, we want to be a forward proxy and a reverse proxy. We are actually the largest forward proxy in the world today, based on traffic. We're able to provide a huge amount of security services across that. What we want to be is the “future network” that you wish the internet had been from the beginning, when it was designed.

"At some level, all security is just data analysis."

And that means yes, providing DDoS [mitigation], providing web application firewall — but also traditional firewall services, VPN services, gateway services and access control services. And hooking those in with whomever you choose as your identity provider and whomever you choose as your endpoint security provider.

That is the direction the world is going. I think we fit the model of what Gartner calls SASE [secure access service edge] better than any other company, in terms of providing the complete set of services that they view as a complete SASE platform .

In terms of your biggest competitors in security, who would they be? Zscaler? Palo Alto Networks?

We have products that line up straight against Zscaler, Palo Alto, Imperva, Akamai. What I think is different about us is that we look further in the future, and are more ambitious, and have designed our network to be extensible and programmable.

Palo Alto will always [be] at a disadvantage to either us or Zscaler over the long-term. I think that you really do need to know how to run the network yourself, in order to get the performance and pricing that we're able to [offer]. It's very difficult to build a cloud service on top of somebody else's cloud. I think you need to run it yourself.

We have been competing with Zscaler around the edges for quite some time. I think you can be bullish on them and bullish on us. There's a lot of Cisco VPNs to replace out there, a lot of Cisco firewalls. I think that for both of us, that's the primary focus. But I think what we have really seen in the last six months is that we are getting pulled into more and more deals.

How does your recent launch of a partner program factor into your competitive efforts in zero-trust services?

I think the way we have gone to market traditionally is different than [Zscaler]. We tend to be very practitioner-led. And we tend to land with one solution and then expand that solution over time. They tend to be much more systems integrator- or partner-led, and they tend to land with a much broader initial solution upfront.

I think that the right answer is, you should be able to do both. And so, when we recently announced our channel program, of the top 20 Zscaler partners, half of them are now Cloudflare partners as well. Now you will see us in many more of those deals that come through system integrators and partners, which is a bit of a newer skill for us. What will continue to be the case is [our emphasis on] practitioner-led [deals], which has always been the bread and butter of how we've gone to market. And I think that that's something that neither Palo or Zscaler are able to match.

If things go your way — and you're able to fulfill this vision you have for your security business — how big of a player in cybersecurity do you think Cloudflare could be in the future?

If you fast-forward 10 years from now, I'm not sure that there are stand-alone security players. And so I actually think that the Zscalers and Palo Altos are more likely to get absorbed into [the platforms of] the larger cloud providers. Or they’ll replicate that functionality themselves. That's not going to happen in the short-term.

"[I]f you have enough data, and you're running it all through systems that you control, you can solve a lot of these problems very effectively."

The last company I started was in the anti-spam space. And I remember pretty clearly when Bill Gates said [in the future] "there will be no anti-spam companies.” Everyone in the space laughed at him. But he was just dead-right. What he saw, that others didn't see, was that if you have enough data, and you're running it all through systems that you control, you can solve a lot of these problems very effectively. For traditional spam, Gmail and Microsoft and others have largely solved the problem. If you try today to run your own mail server, it's really difficult. But because everything is consolidated behind a relatively small set of email providers, they have largely tackled the spam problem.

I think in 10 years, you will see more and more of what is traditionally thought of as the cybersecurity space get absorbed by cloud providers. So when we think about who we are competing with, [yes] we always compete with Zscaler and Palo Alto. But really, who we think we're competing with over the long-term is AWS. I think the companies that are able to take cybersecurity and do it well — and build out a true cloud platform themselves — will dwarf anything that we're seeing in the cybersecurity space today.

The traditional knock on cybersecurity companies is that they have a very short shelf life. I think the way that you avoid that is by truly solving the problem — and then recognizing that over time, as that problem gets solved, cybersecurity just becomes table stakes.

Why just name AWS as a major competitor? Not Microsoft, too?

I think we will compete with those companies, but we'll also cooperate with them as well. Microsoft has been a terrific partner to us and uses our network for a number of things. For instance, their VPN product, which is built into Microsoft Edge, is powered by Cloudflare's network. I actually think with Microsoft, we are much more cooperative. I think Amazon is the company that I would say we're much more competitive with.

Kyle Alspach

Kyle Alspach ( @KyleAlspach ) is a senior reporter at Protocol, focused on cybersecurity. He has covered the tech industry since 2010 for outlets including VentureBeat, CRN and the Boston Globe. He lives in Portland, Oregon, and can be reached at kalspach@protocol.com.

cloudflare aws matthew prince zero trust security cloud palo alto networks zscaler cybersecurity
Fintech

Judge Zia Faruqui is trying to teach you crypto, one ‘SNL’ reference at a time

His decisions on major cryptocurrency cases have quoted "The Big Lebowski," "SNL," and "Dr. Strangelove." That’s because he wants you — yes, you — to read them.

The ways Zia Faruqui (right) has weighed on cases that have come before him can give lawyers clues as to what legal frameworks will pass muster.

Photo: Carolyn Van Houten/The Washington Post via Getty Images

“Cryptocurrency and related software analytics tools are ‘The wave of the future, Dude. One hundred percent electronic.’”

That’s not a quote from "The Big Lebowski" — at least, not directly. It’s a quote from a Washington, D.C., district court memorandum opinion on the role cryptocurrency analytics tools can play in government investigations. The author is Magistrate Judge Zia Faruqui.

Keep Reading Show less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

cryptocurrency blockchain bitcoin lawsuit
sponsored content
Sponsored Content

How is technological innovation breaking down barriers and increasing access to financial services?

The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more .

Keep Reading Show less
FTA
The Financial Technology Association (FTA) represents industry leaders shaping the future of finance. We champion the power of technology-centered financial services and advocate for the modernization of financial regulation to support inclusion and responsible innovation.
sponsored sponsored content
amazon web services
Enterprise

AWS CEO: The cloud isn’t just about technology

As AWS preps for its annual re:Invent conference, Adam Selipsky talks product strategy, support for hybrid environments, and the value of the cloud in uncertain economic times.

Photo: Noah Berger/Getty Images for Amazon Web Services

AWS is gearing up for re:Invent, its annual cloud computing conference where announcements this year are expected to focus on its end-to-end data strategy and delivering new industry-specific services.

It will be the second re:Invent with CEO Adam Selipsky as leader of the industry’s largest cloud provider after his return last year to AWS from data visualization company Tableau Software.

Keep Reading Show less
Donna Goodison

Donna Goodison ( @dgoodison ) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

aws amazon web services cloud computing analytics data analytics adam selipsky

Farewell from Protocol

Image: Protocol

We launched Protocol in February 2020 to cover the evolving power center of tech. It is with deep sadness that just under three years later, we are winding down the publication.

As of today, we will not publish any more stories. All of our newsletters, apart from our flagship, Source Code, will no longer be sent. Source Code will be published and sent for the next few weeks, but it will also close down in December.

Keep Reading Show less
Bennett Richardson

Bennett Richardson ( @bennettrich ) is the president of Protocol. Prior to joining Protocol in 2019, Bennett was executive director of global strategic partnerships at POLITICO, where he led strategic growth efforts including POLITICO's European expansion in Brussels and POLITICO's creative agency POLITICO Focus during his six years with the company. Prior to POLITICO, Bennett was co-founder and CMO of Hinge, the mobile dating company recently acquired by Match Group. Bennett began his career in digital and social brand marketing working with major brands across tech, energy, and health care at leading marketing and communications agencies including Edelman and GMMB. Bennett is originally from Portland, Maine, and received his bachelor's degree from Colgate University.

machine learning
Enterprise

Why large enterprises struggle to find suitable platforms for MLops

As companies expand their use of AI beyond running just a few machine learning models, and as larger enterprises go from deploying hundreds of models to thousands and even millions of models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

As companies expand their use of AI beyond running just a few machine learning models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

Photo: artpartner-images via Getty Images

On any given day, Lily AI runs hundreds of machine learning models using computer vision and natural language processing that are customized for its retail and ecommerce clients to make website product recommendations, forecast demand, and plan merchandising. But this spring when the company was in the market for a machine learning operations platform to manage its expanding model roster, it wasn’t easy to find a suitable off-the-shelf system that could handle such a large number of models in deployment while also meeting other criteria.

Some MLops platforms are not well-suited for maintaining even more than 10 machine learning models when it comes to keeping track of data, navigating their user interfaces, or reporting capabilities, Matthew Nokleby, machine learning manager for Lily AI’s product intelligence team, told Protocol earlier this year. “The duct tape starts to show,” he said.

Keep Reading Show less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

mlops ai machine learning
Latest Stories
Bulletins