Cloudflare launches Confidence Scores and CASB integrations to help companies use AI tools like ChatGPT, Claude, and Gemini safely and in a controlled manner.
Cloudflare has announced two new features that help organizations use generative AI applications in a safe and controlled way. These are the Application Confidence Score and an extension of the Cloud Access Security Broker (CASB) with specific integrations for ChatGPT, Claude, and Gemini.
Application Confidence Score
With the introduction of the Application Confidence Score, Cloudflare aims to provide companies with a transparent benchmark to assess the reliability of SaaS and AI apps. The score ranges from 1 to 5 and is based on objective criteria, such as compliance with standards (SOC 2, GDPR, ISO 27001, ISO 42001), data policies, security controls, and the financial stability of the vendor.
For AI applications, specific elements are added. Cloudflare mentions whether prompts are used for training and the availability of model cards (transparency documents about how a model works). The score is split into two components: an application score that reflects the reliability of the SaaS service itself, and the Gen AI score that tells more about the reliability of an AI subscription within that service. Cloudflare shares the following figures for illustration.
| Company | Application score | Gen AI score |
|---|---|---|
| Gemini Free | 3.8 | 4.0 |
| Gemini Pro | 3.8 | 5.0 |
| Gemini Ultra | 4.1 | 5.0 |
| Gemini Business | 4.7 | 5.0 |
| Gemini Enterprise | 4.7 | 5.0 |
| OpenAI Free | 3.3 | 1.0 |
| OpenAI Plus | 3.3 | 3.0 |
| OpenAI Pro | 3.3 | 3.0 |
| OpenAI Team | 4.3 | 3.0 |
| OpenAI Enterprise | 4.3 | 4.0 |
| Anthropic Free | 3.9 | 5.0 |
| Anthropic Pro | 3.9 | 5.0 |
| Anthropic Max | 3.9 | 5.0 |
| Anthropic Team | 4.9 | 5.0 |
| Anthropic Enterprise | 4.9 | 5.0 |
The tool distinguishes between different subscription levels from the same provider. For example, ChatGPT Free scores lower due to limited enterprise controls and default training on user prompts, while ChatGPT Enterprise scores higher because training is disabled and additional security measures are in place. The goal is for companies to make their own policy choices based on clear criteria and decide more quickly which applications are allowed within their environment.
Expansion of Cloudflare CASB
Additionally, Cloudflare is expanding its CASB with integrations for ChatGPT, Claude, and Gemini. This allows organizations to directly connect these AI services and automatically scan them for misconfigurations, data leaks, and compliance issues.
The API-based approach works without additional software on user devices and quickly provides insight into risks such as: public GPTs or shared files in ChatGPT, sensitive data in uploads to Claude, or missing multi-factor authentication and incorrect licenses in Google Gemini.
The CASB works together with Cloudflare Gateway to also monitor traffic in real-time, including through prompt filtering and ‘Shadow AI’ detection. This gives IT and security teams visibility into both the data within the applications themselves and the traffic going to them.
More Control
With the new features, Cloudflare aims to help organizations find the balance between leveraging AI innovation and managing the associated risks. The Application Confidence Score provides a standardized assessment method, while the CASB extension offers direct operational control and insight into the use of popular AI tools.
Cloudflare has been steadily expanding its offerings with AI-related applications in recent months. The company recently launched zero trust tools tailored for AI, offers customers the ability to protect websites from AI crawlers, and launched Cloudflare for AI in March.