Cloudflare has fine-tuned its Web Application Firewall (WAF) to add protection for applications that use large language models.

Dubbed "Firewall for AI," the service is available to the cloud and security provider's Application Security Advanced business customers. At launch, it includes two features: advanced speed limiting and sensitive data detection.

Advanced Rate Limiting allows the customer to create a policy that specifies a maximum rate of requests made by an individual IP address or API key during a session. Doing so helps prevent distributed denial of service (DDoS) attacks against the model, or other situations that would overwhelm LLM with requests and disrupt its ability to process legitimate requests.

The second feature, Sensitive Data Detection, prevents LLMs from leaking confidential data in response to questions. It also allows customers to set up WAF rules that look for financial information like credit card numbers and secrets like API keys, to ensure these sensitive details don't end up in an LLM's response.