Cloudflare introduces AI agent network, expands security tie-up with Wiz

Cloudflare launched Mesh for AI agent access and worked with Wiz to track AI systems and monitor risks like data leaks and prompt injection.

Security teams are facing new risks as AI agents move into day-to-day use inside companies. These systems often need access to internal tools, databases, and test environments to function, but giving that access can expose private systems if not handled carefully.

Traditional methods such as VPNs or manual network setups are still common. These approaches can slow down deployment and, in some cases, leave parts of internal infrastructure visible to the public internet.

Cloudflare introduced a private networking system called Cloudflare Mesh to manage how AI agents connect to internal systems. The platform links agents, employees, and infrastructure across different cloud environments within a single network layer.

"AI agents are a standard in modern developer workflows, but they're being throttled by a networking model that was designed strictly for humans," said Matthew Prince, co-founder and CEO of Cloudflare.

"For years, developers have been stuck with the choice between wasting days wrestling with complex, clunky VPNs, or taking the dangerous shortcut of exposing private infrastructure to the open web. Now, Cloudflare Mesh removes that trade-off. We are providing a secure bridge between agents and infrastructure—whether those agents are running on Cloudflare, in a private data center, or in another public cloud—ensuring every agent a team ships is secure from day one."

The system creates a private network that does not rely on exposing services to the internet. Traffic using private IP addresses is routed through Cloudflare's network, where it remains encrypted.

Each AI agent is treated as its own identity within the network. This allows teams to set clear rules on what an agent can and cannot access. One agent might be allowed to read from a test database, while another is blocked from sensitive financial systems.

Cloudflare has tied this system into its developer tools, including Workers, Workers VPC, and its Agents SDK. Developers can set access rules directly in code, instead of building separate network connections. AI agents running on Cloudflare Workers can then connect to internal services based on those rules.

Cloudflare said the setup also supports systems spread across multiple environments. Developer devices, on-premise hardware, and cloud platforms such as Amazon Web Services and Google Cloud can be linked into the same private network. Cloudflare said this reduces the time needed to set up secure connections.

The company also expanded its work with Wiz, a cloud security firm now part of Google Cloud. The integration connects Cloudflare's AI security tools with Wiz's security graph to track where AI systems are running and how they interact with data.

Security teams often lack a clear view of AI tools deployed across their systems. Some tools may be set up without oversight, which creates gaps in protection.

Cloudflare's AI Security for Apps checks traffic to AI systems as requests are made. It looks for issues such as prompt injection attempts, exposure of personal data, and requests involving restricted topics. These checks run across Cloudflare's network and do not add delay to traffic.

Wiz maps how AI systems connect to data stores and other services. This helps teams see where sensitive data is being used and where controls may be missing. The system can also flag cases where security rules are not in place or are set incorrectly.

"AI is the most transformative technology we've seen in a generation, powering countless capabilities. But for a majority of businesses, it can be a black box. When talking with CISOs today, they are struggling with the balance of being an enabler of innovation with AI, while combating uncontrolled shadow AI across their organization because their legacy security tools are effectively useless at this level," said Tom Evans. "The Cloudflare and Wiz partnership helps tackle this trade-off. Now, we are delivering a solution to allow innovation with AI at speed, without the worry that their most sensitive data will be exposed."

"Security alignment isn't just about reducing risk, it's an enabler of AI application development," said Oron Noah. "By combining Wiz's end-to-end visibility with Cloudflare's edge protections, we close a critical gap in how AI risk is managed. This partnership gives organizations a unified view of AI application endpoints and shared risk context, helping them stop threats like prompt injection and shadow AI before they start."

The combined system highlights which AI endpoints have access to sensitive systems and helps teams decide what to fix first. Cloudflare and Wiz said it works across different cloud providers and supports a mix of AI models and infrastructure setups.