diff --git a/src/content/docs/security/analytics.mdx b/src/content/docs/security/analytics.mdx index 9e8cf10ddb7478..3324709fdbf23d 100644 --- a/src/content/docs/security/analytics.mdx +++ b/src/content/docs/security/analytics.mdx @@ -12,6 +12,8 @@ Security analytics shows information about all incoming HTTP requests or only ab Use Security analytics as your starting point to understand and analyze traffic patterns, and to create security rules based on the filters you applied. +Security analytics is available in **Security** > **Analytics**. + ## Traffic The **Traffic** tab displays information about all incoming HTTP requests for your domain, including requests not handled by Cloudflare security products. diff --git a/src/content/docs/security/rules.mdx b/src/content/docs/security/rules.mdx index eae6db572f26d2..564566fdb61f0c 100644 --- a/src/content/docs/security/rules.mdx +++ b/src/content/docs/security/rules.mdx @@ -8,6 +8,8 @@ description: Security rules perform security actions on incoming requests that m Security rules perform security-related actions on incoming requests that match specified filters. Rules are evaluated and executed in order, from first to last. +Security rules are available in **Security** > **Security rules**. + ## Security rules The **Security rules** tab includes a list of different types of rules configured in your domain / zone to protect your applications and resources. diff --git a/src/content/docs/waf/detections/firewall-for-ai.mdx b/src/content/docs/waf/detections/firewall-for-ai.mdx index 091d729d62ba29..b52304dda8bb5b 100644 --- a/src/content/docs/waf/detections/firewall-for-ai.mdx +++ b/src/content/docs/waf/detections/firewall-for-ai.mdx @@ -26,9 +26,14 @@ Firewall for AI is available in closed beta to Enterprise customers proxying tra +:::note +Firewall for AI is only available in the new [application security dashboard](/security/), currently in beta for users that opt in to the new user interface. +::: + 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain. 2. Go to **Security** > **Settings**. -3. Under **Incoming traffic detections**, turn on **Firewall for AI**. +3. Under **Web application exploits**, select **Manage detections**. +4. In **Firewall for AI**, select **Enable**. @@ -55,7 +60,7 @@ curl "https:///api/v1/" \ The PII category for this request would be `EMAIL_ADDRESS`. -Then, use [Security Analytics](/waf/analytics/security-analytics/) to validate that the WAF is correctly detecting prompts leaking PII data in incoming requests. Filter data by the `cf-llm` managed endpoint label and review the detection results on your traffic. +Then, use [Security Analytics](/waf/analytics/security-analytics/) in the new application security dashboard to validate that the WAF is correctly detecting prompts leaking PII data in incoming requests. Filter data by the `cf-llm` managed endpoint label and review the detection results on your traffic. Alternatively, create a WAF custom rule like the one described in the next step using a _Log_ action. This rule will generate [security events](/waf/analytics/security-events/) that will allow you to validate your configuration.