Cloudflare Inc.

101 Townsend Street
San Francisco, California 94107
U.S.A.
Telephone: (650) 319-8930
Toll Free: (888) 99 FLARE
Fax: (650) 230-7173
Web site: http://www.cloudflare.com

Private Company
Founded: 2009
Employees: 500 (est.)
NAICS: 511210 Software Publishers

Based in San Francisco, California, Cloudflare Inc. is a provider of website performance and security services. At the heart of the company's technology is its next-generation Content Delivery Network (CDN), which accelerates the loading of internet applications. Cloud-flare Video CDN reduces video start-up times. Other performance products include Argo, a smart network routing solution; Mobile SDK, to improve performance on mobile networks; Cloudflare Stream, an integrated video streaming solution; and 1.1.1.1, a proprietary domain name system (DNS) directory. Cloudflare also protects against distributed denial of service (DDoS) attacks, structured query language injection attacks, crosssite scripting, and cross-site forgery requests. Its products include rate limiting, web application firewalls, one-click secure sockets layer protection, DNSSEC secure routing, secure application access, Argo Tunnel to protect web servers from direct attack, and Spectrum comprehensive security for servers and applications. In addition, Cloudflare offers reliability products, including a secure DNS network and load-balancing solutions, and analytics products to provide insights into visitors as well as threat monitoring. Cloudflare maintains offices in Austin, Texas; Champaign, Illinois; Washington, DC; London; and Singapore. It serves data from more than 150 data centers around the world.

The idea for Cloudflare began to take root in 2004, when Matthew Prince and Lee Holloway were colleagues at Unspam Technologies, Inc., a Utah-based start-up software company that provided government entities with do-not-contact registry solutions. A native of Park City, Utah, Prince cofounded the company in 2001 and Holloway later joined as the chief software architect. Fascinated by the origin of email spam, Prince and Holloway launched Project Honey Pot under the auspices of Unspam. They created software that could be embedded in a website and used to track how email addresses were gathered by spammers and others with nefarious intent. Project Honey Pot software was disseminated widely and although useful it had one major shortcoming: it provided insights, not security.

Prince and Zatlyn began developing a business plan for a company they called Cloudflare, the name the result of a friend's observation that their goal was to create a firewall in the cloud. Prince and Zatlyn took advantage of their Harvard resources, receiving feedback on the business plan from their professors. In the meantime, Lee began developing a prototype of the system.

Cloudflare was entered into the Harvard Business School Business competition and won in April 2009. Subsequently, Prince and Zatlyn completed the MBA program and joined Lee in California, where over the summer they made further refinements to the Cloudflare prototype. To take the company to the next stage, the three partners conducted a Series A venture capital funding round in November 2009, raising $2.1 million from the Utah-based Pelion Venture Partners and Venrock, a venture capital firm in Palo Alto, California.

The proceeds allowed Cloudflare to release a beta version of its software to the Project Honey Pot community. The company also opened its first office in Palo Alto, California, in January 2010. The following month the business was incorporated in Delaware, with Prince signing as the CEO, Zatlyn as the COO, and Holloway as the lead engineer. They were then joined by their first employees, a pair of engineers.

By June 2010 Cloudflare beta software was being used at 100 websites, supported by five data centers on three continents. A major concern of Holloway and his engineering team was the potential problem of delays that came with securing websites, which led to their focus on latency reduction. To the surprise of everyone, beta users reported that in addition to providing a more secure website, Cloudflare improved load times by 30 percent on average. In essence, the system's removal of unwanted traffic paid the side benefit of improving performance.

From the brainstorming days of Cloudflare, the goal was to eventually launch at TechCrunch Disrupt. That goal was realized in September 2010, when Cloudflare introduced its first product at the annual conference in San Francisco as part of TechCrunch's Startup Battlefield competition. Although Cloudflare was the runner-up in a field of 27, it was named the Most Innovative Company at the conference and received valuable exposure to venture capital firms and others in the tech community.

Cloudflare offered a free version of its software and generated income from a professional plan that provided enhanced security and performance features. About two weeks after the TechCrunch Disrupt launch, the Cloudflare network surpassed the 1 billion request threshold. The company ramped up its hiring, and in March 2011 moved into a renovated factory building on Third Street in San Francisco. To fuel further growth, Cloudflare raised $20 million in a Series B funding round during the summer of 2011. It was led by New Enterprise Associates (NEA), a private equity firm based in Menlo Park, California. Venrock and Pelion also participated.

To help mark the one-year anniversary of the product launch, Cloudflare introduced an automatic IPv6 gateway in September 2011. By that point Cloudflare-supported websites received 15 billion page views from 350 million unique visitors per month. The United States provided the lion's share of traffic, but by the spring of 2012 China was second and rapidly growing. Third was Brazil, Turkey fourth, and the United Kingdom fifth. The system was supported by 14 data centers in eight countries on three continents.

As Cloudflare continued to expand its user base, it attracted growing interest from potential investors, whose offers were based on valuations in excess of $1 billion. Eventually, it accepted $50 million in a Series C funding round in December 2013. It was led by Union Square Ventures, a private equity and venture capital firm based in New York. Also participating were the newcomer Greenspring Associates of Owings Mills, Maryland, and Cloudflare's three previous investors.

In September 2015 Cloudflare announced a strategic partnership with Baidu, China's leading search engine, to build a unified global platform that could be used by visitors inside and outside of China. Cloudflare would not, however, maintain operations in the country. That same month Baidu participated in Cloudflare's Series D funding round that raised $110 million. It was led by Boston's Fidelity Investments, and in addition to Baidu other newcomers included Microsoft Accelerator, Google's CapitalG, and Qualcomm Ventures. Continued support came from NEA, Venrock, Union Square, and Pelion. The proceeds were earmarked for continued global expansion, the development of mobile and enterprise applications, and the building of largescale networks.

Cloudflare again supplemented its capabilities through an acquisition. In 2016 it added Eager of Cambridge, Massachusetts. The company was founded two years earlier by a pair of former employees from HubSpot, a marketing software firm. Eager allowed nontechnical website owners to add features easily, which could be procured from Eager's app store. It was an idea that Cloudflare had toyed with in 2011 and at one point offered 30 supported apps, but because of its limited resources at the time there was no further development. Eager brought more than 100 apps, which provided Cloudflare with a shortcut in the development of its own app store. NEA had been one of Eager's investors and helped bring the two companies together.

In August 2017 Cloudflare received unwanted publicity, when it became a side note in a confrontation between protestors and participants in a “Unite the Right” white nationalist rally in Charlottesville, Virginia, that resulted in the death of one person. Cloudflare had always maintained a content-neutral philosophy, but when the Daily Stormer website, a major supporter of the white supremacist movement, claimed that Cloudflare was in essence a supporter, Prince withdrew the site's online protection. As a result, Daily Stormer was susceptible to attack and rendered inoperable until it found a new Russian web host. Prince's decision sparked a debate in various sectors about online free speech rights.

Controversy aside, Cloudflare continued to develop and acquire additional service offerings. In September 2017 it introduced Unmetered Mitigation. Unlike other DDoS attack protection services, which based their fees on the size of the received attack, Cloudflare provided a set price and unlimited and unmetered protection regardless of the size of the attack. That same year Cloudflare acquired Neumob Inc., a two-year-old start-up company that developed a mobile VPN product that not only provided protection but also saved battery life of mobile devices because of a reduced need to ping the network. The software was well regarded, but the lack of a large enough network platform hindered the growth of the technology. Cloudflare possessed that missing piece, while Neumob supplied Cloudflare with a mobile performance tool it lacked.

Besides expanding Cloudflare's coverage to include the mobile space, Neumob offered a pathway for Cloudflare to introduce direct-to-consumer products. In April 2018 Cloudflare introduced its first consumer product: 1.1. 1.1, a DNS resolver that gave users the ability to browse the internet while shielding their activities from internet service providers. The company already offered DNS resolvers to its enterprise customers and for some time had been toying with the idea of opening up the system to the public. Cloudflare assured users that all data would be destroyed after 24 hours, insisting that its only goal was to make the internet faster and more secure, not to exploit information.

Ed Dinger

CDNify Ltd.; CrowdStrike, Inc.; Incapsula, Inc.