cloudflare · pedrosousa · Jul 9, 2025 · May 29, 2025 · May 29, 2025 · May 29, 2025
@@ -5,21 +5,35 @@ sidebar:
   order: 4
 ---
 
+import { Tabs, TabItem } from "~/components";
+
 To manage your [security.txt](https://en.wikipedia.org/wiki/Security.txt) file via the Cloudflare dashboard:
 
+<Tabs syncKey="dashNewNav"> <TabItem label="Old dashboard">
+
 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), select your account and domain.
 2. Go to **Security** > **Settings** > **Enable Security.txt**.
 
+</TabItem> <TabItem label="New dashboard" icon="rocket">
+
+1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/), select your account and domain.
+2. Go to **Security** > **Settings** > **All settings** tab.
+3. Next to **Enable Security.txt**, select **Edit**.
+
+</TabItem> </Tabs>
+
 From here, you can create and manage your `security.txt` file to provide the security research team with a standardized way to report vulnerabilities.
 
 Fill in the following information:
 
 - **(Required) Contact**: You can enter one of the following to contact you about security issues:
+
   - An email address: The email address must start with `mailto:` (for example, `mailto:[email protected]`).
   - A phone number: The phone number must start with `tel:` (for example, `tel:+1 1234567890`).
   - A URL link: The URL link must start with `https://` (for example, `https://example.com`).
 
   Select **Add more** to add multiple contacts.
+
 - **(Required) Expires at**: Enter the expiration date and time of the `security.txt` file.
 - **Encryption**: A link to a key which security researchers can use to communicate with you.
 - **Acknowledgements**: A link to your acknowledgements page.
@@ -30,8 +44,18 @@ Fill in the following information:
 
 Once you have entered the necessary information, select **Save**.
 
-To edit your security.txt file, select **Security** > **Settings** > **Edit Security.txt**.
+To edit your security.txt file:
+
+- Old dashboard: Select **Security** > **Settings** > **Edit Security.txt**.
+- New security dashboard: In the **All settings** tab, select **Edit** next to **Enable Security.txt**.
 
 To download your security.txt file, select **Security** > **Settings** > **Download Security.txt**.
 
-To delete your security.txt file, select **Security** > **Settings** > **Delete Security.txt**.
+To delete your security.txt file:
+
+- Old dashboard:
+  - Select **Security** > **Settings** > **Delete Security.txt**.
+- New security dashboard:
+  1. Select **Security** > **Settings** > **All settings** tab.
+  2. Next to **Enable Security.txt**, select **Edit**.
+  3. Select **Delete**.
@@ -32,20 +32,8 @@ For information on how to use the **Traffic** tab, refer to [Security Analytics]
 
 If you need to modify existing security-related rules you already configured, consider also using the [Events](#events) tab. This tab displays information about requests affected by Cloudflare security products.
 
-### Suspicious activity
-
-The suspicious activity gives you information about suspicious requests that were identified by the Cloudflare detections you have enabled. The supported detections include:
-
-- [Account takeover](/bots/additional-configurations/detection-ids/#account-takeover-detections)
-- [Leaked credential check](/waf/detections/leaked-credentials/) (only for user and password leaked)
-- [Malicious uploads](/waf/detections/malicious-uploads/)
-- [WAF attack score](/waf/detections/attack-score/)
-- [Firewall for AI](/waf/detections/firewall-for-ai/)
-
-Each suspicious activity is classified with a severity score that can vary from critical to low. You can use the filter option to investigate further.
-
 :::note
-The **Traffic** tab includes functionality available in the [Security Analytics](/waf/analytics/security-analytics/) page in the previous dashboard navigation structure. However, some page elements will appear in a different order, or they may be unavailable in the **Traffic** tab, such as Insights or the score-based analyses sidebar.
+The **Traffic** tab includes functionality available in the [Security Analytics](/waf/analytics/security-analytics/) page in the previous dashboard navigation structure.
 :::
 
 ## Events

@@ -8,7 +8,7 @@ description: Security rules perform security actions on incoming requests that m
 
 Security rules perform security-related actions on incoming requests that match specified filters. Rules are evaluated and executed in order, from first to last.
 
-Security rules are available in **Security** > **Security rules**.
+Security rules are available in the new security dashboard in **Security** > **Security rules**.
 
 ## Security rules
 

@@ -33,7 +33,7 @@ For more information on deploying and configuring managed rulesets using the Rul
 
 <Render file="find-ids-managed-rulesets" />
 
-The IDs of WAF managed rulesets are also available in the [WAF Managed Rules](/waf/managed-rules/#managed-rulesets) page.
+The IDs of WAF managed rulesets are also available in the [WAF Managed Rules](/waf/managed-rules/#available-managed-rulesets) page.
 
 ### Import or delete existing rulesets
 

@@ -17,7 +17,7 @@ This feature requires an Enterprise plan with a paid add-on.
 
 Use the [Rulesets API](/ruleset-engine/rulesets-api/) to deploy a WAF managed ruleset to the `http_request_firewall_managed` phase at the account level.
 
-The [WAF Managed Rules](/waf/managed-rules/#managed-rulesets) page includes the IDs of the different WAF managed rulesets. You will need this information when deploying rulesets via API.
+The [WAF Managed Rules](/waf/managed-rules/#available-managed-rulesets) page includes the IDs of the different WAF managed rulesets. You will need this information when deploying rulesets via API.
 
 If you are using Terraform, refer to [WAF Managed Rules configuration using Terraform](/terraform/additional-configurations/waf-managed-rulesets/#deploy-managed-rulesets-at-the-account-level).
 

@@ -15,7 +15,7 @@ This feature requires an Enterprise plan with a paid add-on.
 
 ## Account-level deployment
 
-At the account level, you can deploy each [WAF managed ruleset](/waf/managed-rules/#managed-rulesets) more than once. This means that you can apply the same managed ruleset with different configurations to different subsets of incoming traffic for the Enterprise zones in your account.
+At the account level, you can deploy each [WAF managed ruleset](/waf/managed-rules/#available-managed-rulesets) more than once. This means that you can apply the same managed ruleset with different configurations to different subsets of incoming traffic for the Enterprise zones in your account.
 
 For example, you could deploy the [Cloudflare OWASP Core Ruleset](/waf/managed-rules/reference/owasp-core-ruleset/) multiple times with different paranoia levels and a different action (_Managed Challenge_ action for PL3 and _Log_ action for PL4).
 

@@ -18,8 +18,9 @@ Use the Security Analytics dashboard to:
 - Analyze suspicious traffic and create tailored WAF custom rules based on applied filters.
 - Learn more about Cloudflare's security scores (<GlossaryTooltip term="attack score" link="/waf/detections/attack-score/">attack score</GlossaryTooltip>, [bot score](/bots/concepts/bot-score/), [malicious uploads](/waf/detections/malicious-uploads/), and [leaked credentials](/waf/detections/leaked-credentials/) results) with real data.
 - [Find an appropriate rate limit](/waf/rate-limiting-rules/find-rate-limit/) for incoming traffic.
+- Analyze suspicious traffic ([new security dashboard](/security/) only).
 
-If you need to modify existing security-related rules you already configured, consider also using the [Security Events](/waf/analytics/security-events/) dashboard. This dashboard displays information about requests affected by Cloudflare security products.
+If you need to modify existing security-related rules you already configured, consider also checking [Security Events](/waf/analytics/security-events/). This dashboard displays information about requests affected by Cloudflare security products.
 
 ## Availability
 
@@ -44,10 +45,6 @@ To use Security Analytics:
 
 Adjust the scope of analytics by manually entering filter conditions. You can also select **Filter** or **Exclude** to filter by a field value. These buttons appear when you hover the analytics data legend.
 
-:::note
-Alternatively, apply several filters at once from the [**Insights** section](#insights), which shows statistics for commonly used filters when doing security analyses.
-:::
-
 To manually add a filter:
 
 1. Select **Add filter**.
@@ -72,6 +69,42 @@ To create a [custom rule](/waf/custom-rules/) with an expression based on the fi
 
 ## Main dashboard areas
 
+The [new security dashboard](/security/) and the old dashboard have a few differences, including the order of the various sections on the Security Analytics page.
+
+### Suspicious activity
+
+:::note
+Only available in the [new security dashboard](/security/).
+:::
+
+The suspicious activity section gives you information about suspicious requests that were identified by the Cloudflare detections you have enabled. The supported detections include:
+
+- [Account takeover](/bots/additional-configurations/detection-ids/#account-takeover-detections)
+- [Leaked credential check](/waf/detections/leaked-credentials/) (only for user and password leaked)
+- [Malicious uploads](/waf/detections/malicious-uploads/)
+- [WAF attack score](/waf/detections/attack-score/)
+- [Firewall for AI](/waf/detections/firewall-for-ai/)
+
+Each suspicious activity is classified with a severity score that can vary from critical to low. You can use the filter option to investigate further.
+
+### Request activity
+
+The main chart displays the following data for the selected time frame, according to the selected tab:
+
+- **Traffic analysis**: Traffic mitigated by the Cloudflare security platform, served by Cloudflare, and served by the origin server, according to the following classification:
+
+  - **Mitigated by WAF**: Requests blocked or challenged by Cloudflare's application security products such as the WAF and HTTP DDoS protection. It does not include requests that had the following actions applied: _Log_, _Skip_, and _Allow_.
+  - **Served by Cloudflare**: Requests served by the Cloudflare global network such as cached content and redirects.
+  - **Served by origin**: Requests served by your origin server.
+
+- **Attack analysis**: [WAF attack score](/waf/detections/attack-score/) analysis of incoming requests, classifying them as _Clean_, _Likely clean_, _Likely attack_, or _Attack_.
+
+- **Bot analysis**: [Bot score](/bots/concepts/bot-score/) analysis of incoming requests, classifying them as _Automated_, _Likely automated_, _Likely human_, or _Verified bot_.
+
+- **Request rate analysis**: Displays data on the request rate for traffic matching the selected filters and time period. Use this tab to [find an appropriate rate limit](/waf/rate-limiting-rules/find-rate-limit/) for incoming traffic matching the applied filters.
+
+- **Cloudy analysis** (beta): Get insights about your application security by using plain language to interrogate your data. For more information, refer to [our blog post](https://blog.cloudflare.com/security-analytics-ai-assistant).
+
 ### Top statistics
 
 This section presents top statistics about incoming requests highlighting relevant properties commonly used when performing a security analysis.
@@ -86,6 +119,10 @@ Cloudflare calculates the top statistics from a sample of requests in the select
 
 ### Insights
 
+:::note
+Only available in the previous dashboard navigation structure.
+:::
+
 The provided insights show statistics for commonly used filters when doing security analyses, without immediately applying these filters to the displayed data.
 
 If you find a high value in one or more insights, this can mean that there is a set of suspicious requests that you should investigate. Additionally, these insights are a good starting point for applying a first set of filters to the dashboard.
@@ -94,30 +131,16 @@ To apply the filters for an insight to the data displayed in the Security Analyt
 
 ### Score-based analyses
 
+:::note
+Only available in the previous dashboard navigation structure.
+:::
+
 The **Attack analysis**, **Bot analysis**, **Malicious uploads**, and **Account abuse detection** sections display statistics related to WAF attack scores, bot scores, WAF content scanning scores, and leaked credentials scanning of incoming requests for the selected time frame. All plans include access to the **Leaked credential check** under **Account abuse detection**. This feature detects login attempts using credentials that have been exposed online. For more information on what to do if you have credentials that have been leaked, refer to the [example mitigation rules page](/waf/detections/leaked-credentials/examples/).
 
 You can examine different traffic segments according to the current metric (attack score, bot score, or content scanning). To apply score filters for different segments, select the buttons below the traffic chart. For example, select **Likely attack** under **Attack analysis** to filter requests that are likely an attack (requests with WAF attack score values between 21 and 50).
 
 Additionally, you can use the slider tool below the chart to filter incoming requests according to the current metric. This allows you to filter traffic groups outside the predefined segments.
 
-### Main chart
-
-The main chart displays the following data for the selected time frame, according to the selected tab:
-
-- **Traffic analysis**: Traffic mitigated by the Cloudflare security platform, served by Cloudflare, and served by the origin server, according to the following classification:
-
-  - **Mitigated by WAF**: Requests blocked or challenged by Cloudflare's application security products such as the WAF and HTTP DDoS protection. It does not include requests that had the following actions applied: _Log_, _Skip_, and _Allow_.
-  - **Served by Cloudflare**: Requests served by the Cloudflare global network such as cached content and redirects.
-  - **Served by origin**: Requests served by your origin server.
-
-- **Attack analysis**: [WAF attack score](/waf/detections/attack-score/) analysis of incoming requests, classifying them as _Clean_, _Likely clean_, _Likely attack_, or _Attack_.
-
-- **Bot analysis**: [Bot score](/bots/concepts/bot-score/) analysis of incoming requests, classifying them as _Automated_, _Likely automated_, _Likely human_, or _Verified bot_.
-
-- **Rate limit analysis**: Displays data on the request rate for traffic matching the selected filters and time period. Use this tab to [find an appropriate rate limit](/waf/rate-limiting-rules/find-rate-limit/) for incoming traffic matching the applied filters.
-
-- **Cloudy analysis** (beta): Get insights about your application security by using plain language to interrogate your data. For more information, refer to [our blog post](https://blog.cloudflare.com/security-analytics-ai-assistant).
-
 ### Logs
 
 Security Analytics shows request logs for the selected time frame and applied filters, along with detailed information and security analyses of those requests.

@@ -26,7 +26,10 @@ Available features vary according to your Cloudflare plan:
 
 ## Location in the dashboard
 
-Security Events is available for your zone in **Security** > **Events**.
+To open Security Events for a given zone:
+
+- Old dashboard: Go to **Security** > **Events**.
+- New security dashboard: Go to **Security** > **Analytics** > **Events** tab.
 
 Additionally, Enterprise customers have access to the account-level dashboard in Account Home > **Security Center** > **Security Events**.
 
@@ -54,13 +57,16 @@ Take the following into account when entering filter values:
 
 ### Adjust report duration
 
-To adjust report duration, select the desired duration from the dropdown in **Security Events**. The default value is `Previous 24 hours`.
+To adjust report duration, select the desired duration from the dropdown. The default value is `Previous 24 hours`.
 
 The available report duration values depend on your Cloudflare plan. Refer to [Availability](#availability) for details.
 
-## Create custom rule from current filters
+## Create security rule from current filters
+
+To create a [custom rule](/waf/custom-rules/create-dashboard/) based on your current filters and exclusions:
 
-To create a [custom rule](/waf/custom-rules/create-dashboard/) based on your current filters and exclusions, select **Create custom rule** in **Security Events**.
+- Old dashboard: Select **Create custom rule**.
+- New security dashboard: Select **Create custom security rule**.
 
 ## Events summary
 
@@ -72,7 +78,7 @@ You can adjust the displayed data according to one of the values by selecting **
 
 ## Events by service
 
-The **Events by service** section lists the activity per Cloudflare security feature (for example, **Managed rules** or **API Shield**).
+The **Events by service** section lists the activity per Cloudflare security feature (for example, **Managed rules** or **Rate limiting rules**).
 
 You can adjust the scope of Security Events to one of the displayed services by selecting **Filter** or **Exclude** when hovering the legend or by selecting the corresponding graph bar.
 
@@ -83,7 +89,7 @@ In **Top events by source** you can find details of the traffic flagged or actio
 You can adjust the scope of Security Events to one of the listed source values by selecting **Filter** or **Exclude** when hovering the value.
 
 :::note
-A deleted custom/firewall rule or rate limiting rule will show as `Rule unavailable` under **Firewall rules** or **Rate limit rules**. To check the changes made within your Cloudflare account, review your [Audit logs](/fundamentals/account/account-security/review-audit-logs/).
+A deleted custom rule or rate limiting rule will show as `Rule unavailable` under **Firewall rules** or **Rate limit rules**. To check the changes made within your Cloudflare account, review your [Audit logs](/fundamentals/account/account-security/review-audit-logs/).
 :::
 
 ## Sampled logs
@@ -131,7 +137,12 @@ For example, after adding a filter for `Action equals Managed Challenge` and set
 
 ## Print or download PDF report
 
-To print or download a snapshot report from your security events dashboard, select **Print report** in **Security Events**. Your web browser's printing interface will present you with options for printing or downloading the PDF report.
+To print or download a snapshot report:
+
+- Old dashboard: Select **Print report**.
+- New security dashboard: Select the three dots > **Print report**.
+
+Your web browser's printing interface will present you with options for printing or downloading the PDF report.
 
 The generated report will reflect all applied filters.