Cloudflare Connect 2025, the vendor’s first global customer conference, brought together developers, IT leaders, strategists, and security pros from 63 countries — or roughly half the places that Cloudflare has a presence — at ARIA Resort & Casino in Las Vegas to explore the company’s evolving role in enterprise infrastructure. Unlike many purely security-focused events, Cloudflare Connect had a distinctly optimistic vibe.

While the event had its share of product and partner integration announcements, Cloudflare’s underlying messages were clear, as it:

  • Moves to position itself as the connective tissue for modern digital operations, accelerating its expansion beyond its roots as a content delivery network/edge point-of-presence provider.
  • Increases focus on enterprises, as it builds capabilities more appealing for enterprise customers and a partner network for serving them.
  • Showcases its AI security abilities to secure clients’ AI initiatives.

From Vision To Platform: The Connectivity Cloud

Cloudflare’s “connectivity cloud” concept has matured from branding to blueprint. This year’s Connect showcased a unified platform designed to simplify how organizations manage users, applications, and networks across hybrid and multicloud environments. The strategy aims to reduce operational overhead and vendor complexity, which is a familiar pain point for enterprise teams.

Cloudflare also continues to adhere to its ethos of “building a better internet” with a combination of long-term planning and focus on abstracting away complexity for very important but unglamorous infrastructure (e.g., digital certificates, DNS, encryption algorithms, and routing). IT has spent years doing quiet, deliberate work so that very big changes happen and nobody except the people deep in the weeds know that anything happened at all; things on the internet continue apace.

The partnership with Oracle Cloud Infrastructure (OCI) was a notable step. By embedding Cloudflare’s services natively into OCI, the company is expanding its reach into enterprise workloads that demand performance, security, and resilience across cloud boundaries. It’s a pragmatic move, but success will depend on how well these integrations serve real deployment scenarios.

AI Security: Less Hype, More Practicality

As with virtually every recent event, AI was front and center — not as a buzzword but as a functional layer in Cloudflare’s security stack. New capabilities such as AI-powered phishing protection as part of a secure workspace and a “firewall for AI” reflect a growing need to secure traditional attack vectors like email that are impacted by AI, as well as the need to protect AI applications themselves. Although we remain skeptical of using the term “firewall” in connection with AI — since the capabilities have more to do with discovery and safe usage than access control — the logic is wholly consistent with Cloudflare’s mission.

What began as distributed-denial-of-service mitigation and evolved to include web application firewall and bot management must necessarily grow to cover AI applications, especially as Cloudflare’s customers not only deploy but increasingly build them using Cloudflare infrastructure.

Zero Trust: Part Platform, Part Glue, All User Experience

Zero Trust is a common thread across the Cloudflare portfolio, but the pattern in the customer-led presentations involving Zero Trust was unmistakable: The Cloudflare platform provides the components, but there may be some assembly required. Multiple organizations described how Cloudflare supported their Zero Trust journey. One thing they all had in common — regardless of their line of business — was that they were all very “technology-forward,” and the flow of their talks more closely resembled something one might see at KubeCon, rather than the typical case study one would expect at a vendor conference.

Another commonality was that the Zero Trust projects in question were typically justified on the basis of security improvements through simplification of the tech and security stacks and related improvements to user experience — as opposed to being in the service of Zero Trust itself. The message is clear: Regardless of vendor positioning, a purchasing decision is an early- rather than late-stage step on the Zero Trust journey, and buying something doesn’t give you Zero Trust unless you also do the work to put all the pieces together. The subtext is that budget approval is more likely with a proposal that concretely makes things safer, more reliable, easier, and/or faster for users instead of an abstract claim about “better security.”

Edge Development: Building Where It Matters

Cloudflare’s developer platform — including Workers and Pages — continues to push the envelope on edge-native application development and now can make a credible argument for applicable workloads in multicloud use cases. The emphasis on latency reduction and global reach is well aligned with modernization efforts, especially for teams that are replatforming legacy systems.

Developer platform adoption has been a strength and growth center for Cloudflare, and we expect that to continue. As it looks beyond the edge, however, adoption in the crowded multicloud world will hinge on more than just performance. Integration with existing toolchains, support for observability, and enterprise-grade governance will be critical for Cloudflare to solidify as a core vendor to enable enterprise cloud strategy.

Sovereignty-Aware Architectures: A Network Advantage

One of Cloudflare’s underappreciated strengths is its global network footprint. For organizations dealing with sovereignty requirements — whether for compliance, data residency, or geopolitical risk — the ability to deploy workloads across specific regions with consistent performance is increasingly valuable.

Discussions with customers such as Caliente and Uber during one-on-one sessions highlighted the importance of flexibility and control in real-world deployments. Cloudflare’s edge locations and programmable networking offer a foundation for sovereignty-aware architectures, especially as regulatory landscapes evolve.

Let’s Connect

Forrester clients who have questions or would like to discuss further can book an inquiry or guidance session with any of us.

Also, you can join us in person at Technology & Innovation Summit from November 2–5 or Security & Risk Summit from November 5–7, both in Austin, Texas. The event is packed with visionary keynotes, informative breakout sessions, interactive workshops, insightful roundtables, and other special programs.