Cloudflare Advances Public Sector Security Worldwide; Initiates Top Federal Certifications, Including FedRAMP High

SAN FRANCISCO--(BUSINESS WIRE)--Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, today announced the intent to achieve FedRAMP High authorization for the United States and to complete an InfoSec Registered Assessors Program (IRAP) PROTECTED assessment for Australia. This comes on the heels of achieving Esquema Nacional de Seguridad (ENS) certification for Spain, demonstrating Cloudflare’s commitment to meeting the most stringent security standards across key government and critical infrastructure sectors.

“Cloudflare is committed to protecting critical infrastructure and sensitive data across the United States public sector, including departments such as Homeland Security, Justice, Treasury, Health & Human Services, State, Interior, Energy, Commerce and more,” said Matthew Prince, co-founder and CEO, Cloudflare. “By pursuing security certifications across multiple countries, we’re making it easier for public sector organizations globally to modernize their security infrastructure. We designed our connectivity cloud to meet the highest levels of security and reliability, and these certifications demonstrate our long-term commitment to their vital missions.”

FedRAMP High (United States):

Cloudflare is currently deploying the required services and technology to be “In Process” for Federal Risk and Authorization Management Program (FedRAMP) High. A FedRAMP High authorization represents the highest level of security control for U.S. federal government cloud services, to protect the government’s most sensitive, unclassified data in cloud computing environments. FedRAMP High authorization enables federal agencies to adopt Cloudflare to protect their most sensitive unclassified data and organizations.

IRAP (Australia) and ENS (Spain):

In addition to FedRAMP High, Cloudflare is also progressing towards assessment for the Information Security Registered Assessors Program (IRAP) in Australia, and has received certification from Esquema Nacional de Seguridad (ENS), also known as the National Security Framework, in Spain, expanding its ability to serve government agencies in these key markets. These security assessments and certifications will verify that Cloudflare’s offerings meet strict Australian and Spanish security requirements respectively, enabling Cloudflare to protect critical infrastructure and public sector systems with highly sensitive data and services.

Growing Public Sector Impact:

Cloudflare currently provides security, performance, and reliability services through its global network to more than 40 United States Federal Government agencies. The company is committed to supporting critical government functions, including the nation’s election infrastructure.

To learn more, please check out the resources below:

• Blog: Cloudflare’s commitment to advancing Public Sector security worldwide by pursuing FedRAMP High, IRAP, and ENS
• Cloudflare for Public Sector

About Cloudflare

Cloudflare, Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organizations to make their employees, applications and networks faster and more secure everywhere, while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured, unified platform of cloud-native products and developer tools, so any organization can gain the control they need to work, develop, and accelerate their business.

Powered by one of the world’s largest and most interconnected networks, Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits, humanitarian groups, and governments across the globe.

Learn more about Cloudflare’s connectivity cloud at cloudflare.com/connectivity-cloud. Learn more about the latest Internet trends and insights at https://radar.cloudflare.com.

Follow us: Blog | X | LinkedIn | Facebook | Instagram

Forward-Looking Statements

This press release contains forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended, which statements involve substantial risks and uncertainties. In some cases, you can identify forward-looking statements because they contain words such as “may,” “will,” “should,” “expect,” “explore,” “plan,” “anticipate,” “could,” “intend,” “target,” “project,” “contemplate,” “believe,” “estimate,” “predict,” “potential,” or “continue,” or the negative of these words, or other similar terms or expressions that concern Cloudflare’s expectations, strategy, plans, or intentions. However, not all forward-looking statements contain these identifying words. Forward-looking statements expressed or implied in this press release include, but are not limited to, statements regarding Cloudflare’s plans and objectives to pursue public sector security certifications, the impact to Cloudflare and its customers if Cloudflare achieves public sector security certifications, the benefits to customers from using Cloudflare’s products and technology, the expected functionality and performance of Cloudflare’s products and technology, Cloudflare’s global network, Cloudflare’s technological development, future operations, growth, initiatives, or strategies, and comments made by Cloudflare’s CEO and others. Actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to, risks detailed in Cloudflare’s filings with the Securities and Exchange Commission (SEC), including Cloudflare’s Form 10-Q filed on November 7, 2024, as well as other filings that Cloudflare may make from time to time with the SEC.

The forward-looking statements made in this press release relate only to events as of the date on which the statements are made. Cloudflare undertakes no obligation to update any forward-looking statements made in this press release to reflect events or circumstances after the date of this press release or to reflect new information or the occurrence of unanticipated events, except as required by law. Cloudflare may not actually achieve the plans, intentions, or expectations disclosed in Cloudflare’s forward-looking statements, and you should not place undue reliance on Cloudflare’s forward-looking statements.

© 2025 Cloudflare, Inc. All rights reserved. Cloudflare, the Cloudflare logo, and other Cloudflare marks are trademarks and/or registered trademarks of Cloudflare, Inc. in the U.S. and other jurisdictions. All other marks and names referenced herein may be trademarks of their respective owners.