cloudflare · pedrosousa · Apr 11, 2025 · Apr 11, 2025
@@ -12,6 +12,8 @@ Security analytics shows information about all incoming HTTP requests or only ab
 
 Use Security analytics as your starting point to understand and analyze traffic patterns, and to create security rules based on the filters you applied.
 
+Security analytics is available in **Security** > **Analytics**.
+
 ## Traffic
 
 The **Traffic** tab displays information about all incoming HTTP requests for your domain, including requests not handled by Cloudflare security products.

@@ -8,6 +8,8 @@ description: Security rules perform security actions on incoming requests that m
 
 Security rules perform security-related actions on incoming requests that match specified filters. Rules are evaluated and executed in order, from first to last.
 
+Security rules are available in **Security** > **Security rules**.
+
 ## Security rules
 
 The **Security rules** tab includes a list of different types of rules configured in your domain / zone to protect your applications and resources.

@@ -26,9 +26,14 @@ Firewall for AI is available in closed beta to Enterprise customers proxying tra
 
 <Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
 
+:::note
+Firewall for AI is only available in the new [application security dashboard](/security/), currently in beta for users that opt in to the new user interface.
+:::
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), and select your account and domain.
 2. Go to **Security** > **Settings**.
-3. Under **Incoming traffic detections**, turn on **Firewall for AI**.
+3. Under **Web application exploits**, select **Manage detections**.
+4. In **Firewall for AI**, select **Enable**.
 
 </TabItem> <TabItem label="API">
 
@@ -55,7 +60,7 @@ curl "https://<YOUR_HOSTNAME>/api/v1/" \
 
 The PII category for this request would be `EMAIL_ADDRESS`.
 
-Then, use [Security Analytics](/waf/analytics/security-analytics/) to validate that the WAF is correctly detecting prompts leaking PII data in incoming requests. Filter data by the `cf-llm` managed endpoint label and review the detection results on your traffic.
+Then, use [Security Analytics](/waf/analytics/security-analytics/) in the new application security dashboard to validate that the WAF is correctly detecting prompts leaking PII data in incoming requests. Filter data by the `cf-llm` managed endpoint label and review the detection results on your traffic.
 
 Alternatively, create a WAF custom rule like the one described in the next step using a _Log_ action. This rule will generate [security events](/waf/analytics/security-events/) that will allow you to validate your configuration.