Cloudflare is opening its Client-Side Security Advanced product (formerly Page Shield add-on) to self-serve customers and making domain-based threat intelligence free for all users. The announcement highlights a new cascading AI detection system that combines a Graph Neural Network (GNN) for structural analysis of JavaScript ASTs with an LLM (hosted on Workers AI) as a secondary filter. The GNN flags potentially malicious scripts, and the LLM semantically evaluates flagged scripts to eliminate false positives. This two-stage approach reduced false positives by up to 200x on unique scripts (from ~1.39% to 0.007%). The system assesses 3.5 billion scripts daily and recently caught a novel zero-day attack targeting home routers via compromised browser extensions. The Advanced tier also supports PCI DSS v4 compliance requirements 6.4.3 and 11.6.1.
Table of contents
How Cloudflare Client-Side Security worksDetecting malicious intent JavaScriptsThe high cost of false positivesAdding an LLM-based second opinion for triageDomain-based threat intelligence free for allGet started with Client-Side Security Advanced for PCI DSS v4Sort: