Articles
An independent benchmark by Theo Browne initially showed Cloudflare Workers performing up to 3.5x slower than Vercel (Node.js on AWS Lambda) in CPU-intensive JavaScript workloads. Cloudflare proactively and transparently investigated this unexpected disparity, given both platforms use the V8 engine. Their investigation identified several contributing factors: suboptimal internal infrastructure tuning (scheduling heuristics, V8 garbage collector settings), inefficiencies in JavaScript libraries (OpenNext, Next.js, React), and issues with the benchmark methodology itself (e.g., measuring time-to-first-byte, Next.js config differences, local execution bias, CPU variations). Cloudflare implemented several fixes, including updates to their scheduling algorithm and V8 garbage collector tuning, and contributed patches to OpenNext, Node.js, and V8 to optimize `JSON.parse` and trigonometry functions, benefiting the broader JavaScript ecosystem. These efforts significantly closed the performance gap, making Workers competitive with Vercel across most benchmarks and improving performance for all Workers users globally. The article also highlights the inherent difficulties in creating truly representative benchmarks.
Cloudflare's Cloudforce One introduces REACT (Respond, Evaluate, Assess, Consult Team), a new suite of incident response and security services. The article highlights the critical gap in traditional security where edge defenses are insufficient, and internal breaches cause significant damage due to fragmented response efforts. REACT aims to bridge this gap by offering proactive advisory services (threat hunting, tabletop exercises, readiness assessments) and emergency incident response for active crises like APT, ransomware, insider threats, and supply chain breaches. Key differentiators include Cloudflare's unparalleled threat visibility (20% of the web), network-native mitigation capabilities directly at the edge, proven expert team, and vendor-agnostic scope. The article also details prevalent threats observed by REACT, such as high-impact insider threats, persistent ransomware, and application/supply chain vulnerabilities, including those from 'vibe coded' AI-generated applications. Engagement with REACT is streamlined through the Cloudflare dashboard.