Cloudflare Defeats Deepfakes with Identity-Verified Zero Trust

Cloudflare has announced a partnership with Nametag to bring identity-verified onboarding and continuous identity assurance to its SASE platform, Cloudflare One. This move aims to close the identity assurance gap in zero trust onboarding models, which currently verify devices and credentials but not people. The partnership is a response to the growing threat of "remote IT worker" fraud, where attackers use stolen identities to infiltrate companies and steal intellectual property.

Key Technical Details

• Cloudflare Access serves as the aggregation layer for security policies, checking attributes such as device posture, location, and user group membership before granting access.
• Nametag is integrated using OpenID Connect (OIDC) and can be configured as an IdP within Cloudflare Access or chained as an external evaluation factor.
• The integration verifies the identity of users throughout the onboarding process, ensuring that the person receiving, configuring, and connecting a device to protected resources is a real person, a legitimate person, and the right person.

Practical Implications for Developers

• Developers can now use Cloudflare Access with Nametag to uncover and stop bad actors, including North Korean IT workers, before they gain access to internal resources or data.
• The integration provides a critical new layer of security for organizations, allowing them to assume breach and verify every request, including user identity.
• Developers can configure Nametag as an IdP within Cloudflare Access or chain it as an external evaluation factor, providing flexibility and customization options.