In this episode of This Week in NET, host João Tomé is joined by Michelle Chen from Cloudflare’s AI product team to discuss the rise of open models, the launch of Kimi 2.5 on Workers AI, and why enterprises are rethinking the cost of proprietary AI.

Michelle explains how Cloudflare’s security team used Kimi to scan internal codebases and found more than 40 confirmed security issues — at a fraction of the cost of proprietary models. The conversation explores why open models are rapidly becoming competitive with closed alternatives, how Cloudflare builds efficiency with custom inference engines and prefix caching, and what the Replicate acquisition means for bring-your-own-model workflows on Workers AI.

Later in the episode, we also hear from Dina Kozlov about Dynamic Workers and Code Mode (now in open beta), followed by another Women of Cloudflare segment with Alexandra Messe Rodriguez.

⏱️ Timestamps

00:00 — Cold open: Kimi finds 40+ security issues

00:30 — Intro and Cloudflare blog highlights

03:06 — Michelle Chen joins the show

05:44 — The rise of open models and Kimi 2.5

07:14 — Finding 40+ security issues with AI

10:40 — The real cost of running AI agents

16:26 — Making inference efficient: caching, kernels, and architecture

19:42 — Replicate and bring-your-own-model on Workers AI

25:08 — Favorite AI use case: fashion e-commerce images

29:05 — Dina Kozlov: Dynamic Workers and Code Mode

33:13 — Women of Cloudflare: Alexandra Messe Rodriguez

In this episode of This Week in NET, host João Tomé is joined by Chema Alonso, Vice President and Head of International Development at Cloudflare.

Chema shares how a 1998 paper on SQL injection launched his career in hacking, his path from running a startup in Madrid to becoming a Microsoft MVP for 14 years, and how he ended up leading cybersecurity at Telefónica for more than a decade — after telling them “you don’t have enough money to make me work for you.” He also explains why he left Telefónica in 2025 to join Cloudflare, and what surprised him about the company’s technical depth.

The conversation explores how AI is changing cybersecurity, from AI agents competing in Capture-the-Flag contests to automated attack chains running around the clock. Chema also discusses the black market for zero-day vulnerabilities, Cloudflare’s role in Europe, and how AI may reshape the economics of the Internet.

We also hear the story behind his famous beanie hat, a Bluetooth exploit that Apple initially called “a feature” until Steve Wozniak got involved and a quick-fire round covering his first computer, favorite hacks, admired researchers, and why Gemini once hallucinated that he went to jail.

⏱️ Timestamps 

01:00 — How SQL injection in 1998 started his career

02:36 — From startup to Microsoft MVP to training Spain's cyber forces

04:36 — Black Hat, Def Con, and the global hacking scene

05:53 — How Telefonica recruited Chema

08:49 — 20 years of daily blogging as "brain gym"

10:27 — The beanie hat origin story

14:34 — Why he left Telefonica to join Cloudflare

17:41 — What customers are most worried about: AI security

22:55 — Cloudflare's role in Europe: sovereignty, resilience, and growth

26:58 — How AI is disrupting the Internet's business model

28:44 — The evolution of hacking: from phreaking to AI agents

37:42 — The Dirty Tooth iPhone Bluetooth exploit and Steve Wozniak

41:39 — Quick-fire round: first computer, favorite hack, Kevin Mitnick

43:58 — Google Gemini hallucinated that Chema went to jail

46:49 — The future of the Internet and Cloudflare

In this episode of This Week in NET, Heather Orsi, Director of Strategic Finance & Investor Relations at Cloudflare, shares her unusual career path across finance, startups, and tech, and what it means to communicate Cloudflare’s story to investors and analysts.

Heather talks about her first days at Cloudflare just after the IPO, what it takes to explain a highly technical company to Wall Street, and how finance, strategy, and storytelling come together in investor relations.

This conversation is part of the Women of Cloudflare series for Women’s Empowerment Month.

Check the Cloudflare Blog:

https://blog.cloudflare.com

🎧 Subscribe for weekly conversations about the Internet and Cloudflare:

https://ThisWeekinNET.com

⸻

⏱️ Timestamps

00:38 — From banking and startups to Cloudflare

02:21 — Joining Cloudflare right after the IPO

04:16 — Explaining a deeply technical company to investors

06:31 — Communicating Cloudflare’s story to analysts

08:51 — The role of investor relations inside a tech company

11:16 — Being a woman in finance and tech

13:11 — Advice for people starting a career in finance

In this episode of This Week in NET, host João Tomé is joined by Cloudflare’s new Chief Marketing Officer, Jeff Samuels, to explore how marketing is evolving in the age of AI.

We discuss why brand still wins, how marketers are becoming “context engineers,” and how Cloudflare connects deep technical products to clear narratives that resonate with customers.

We also touch on the role of real-world events like RSA Conference, where Cloudflare will be present, and why in-person moments still matter in an increasingly AI-driven, digital-first world.

⏱️ Timestamps

01:44 — News roundup (AI, policy, product updates)

03:25 — Meet Jeff Samuels (Cloudflare CMO)

04:07 — Background: startups, policy, global experience

06:46 — From product to marketing mindset

08:25 — Lessons from OpenDNS and Cisco

11:47 — Marketing in tech: empathy and understanding systems

13:27 — Lifecycle marketing and customer connection

15:05 — Why Cloudflare (people, mission, opportunity)

16:49 — Marketing as the “architect” of go-to-market

18:38 — Brand vs demand

20:48 — Events like RSA and why they still matter

27:02 — AI and the shift to orchestration

31:39 — What’s next for Cloudflare marketing

34:02 — Quick fire: skills, mistakes, brand vs performance

36:49 — Advice for marketers entering tech

37:27 — One word for Cloudflare: opportunity

In this Women at Cloudflare segment for Women’s Empowerment Month, Sofia Cardita, Systems Engineer at Cloudflare, shares her journey from clinical psychology to engineering.

Sofia explains how she transitioned into tech through self-learning and hands-on building, and how AI is changing the way engineers work today. She also reflects on observability, teamwork, and finding balance as an engineer.

⏱️ Timestamps

00:12 — Sofia Cardita: background and role at Cloudflare  

00:49 — From psychology to engineering

02:02 — Self-learning and building from scratch

03:03 — What she enjoys about engineering (proudest projects)

04:18 — Observability and understanding systems

04:59 — Advice for getting started

05:07 — AI as a learning tool

05:55 — Going deeper despite AI

06:10 — Using AI in daily workflows

07:02 — Productivity: rest, focus, and balance

In this episode of This Week in NET, host João Tomé is joined by Warnessa Weaver (Senior Product Manager) and Yumna Moazzam (Senior Product Marketing Manager) to break down Cloudflare’s SASE blog takeover week and what it means for enterprise security.

Cloudflare One is evolving into an agile, composable, and programmable SASE platform, built natively on Cloudflare’s global network spanning 300+ cities. The conversation explores how organizations can modernize remote access, secure AI adoption, and replace legacy architectures that often take 18 months to deploy with migrations completed in 4–6 weeks.

The episode covers:

• Post-quantum encryption now in GA for Cloudflare One

• Deepfake defense through a new Nametag partnership

• Adaptive access with user risk scoring and signals from CrowdStrike and SentinelOne

• Programmable gateway policies using Cloudflare Workers

• DLP visibility for Microsoft 365 Copilot, ChatGPT, Gemini and more

• Clipboard controls for browser-based RDP sessions

• Closing the boot-to-login security gap with the Cloudflare One client

• CASB remediation for Microsoft 365 and Google Workspace

The episode also includes a run-through of other recent Cloudflare blog posts, including AI Security for Apps (now GA), slashing agent token costs by 98% with RFC 9457, Nvidia Nemotron 3 Super on Cloudflare, and a new stateful API vulnerability scanner.

Check the Cloudflare Blog:

https://blog.cloudflare.com/tag/sase

⏱️ Timestamps

00:37 — Blog run-through: AI Security for Apps, RFC 9457 agent errors, API vulnerability scanner

02:17 — Nvidia Nemotron 3 Super on Cloudflare

03:29 — What is agile SASE and Cloudflare One?

05:44 — Composability and programmability explained

07:53 — Built on Cloudflare’s global network vs legacy vendors

09:07 — The truly programmable SASE platform

10:04 — Custom gateway policies with Cloudflare Workers

12:16 — Post-quantum encryption in Cloudflare One

13:14 — Harvest now, decrypt later

14:34 — Boot-to-login security with the Cloudflare One client

17:35 — Independent MFA in Cloudflare Access

19:13 — Deepfake defense and Nametag partnership

22:15 — User risk scoring and adaptive access

25:26 — Data security: DLP, CASB, and browser-based RDP

27:21 — Microsoft 365 Copilot visibility

29:05 — Partner stories: TachTech and Adapture

33:09 — Zero Trust onboarding with Terraform

35:25 — Key takeaways

In this episode of This Week in NET, host João Tomé is joined by Cloudflare threat intelligence experts Brian Carter and Chris Peacey to break down the 2026 Cloudflare Threat Report and what it reveals about today’s cyber threat landscape.

We discuss how threat intelligence helps organizations prioritize risks, how attackers are increasingly leveraging automation and AI tools, and why botnets, supply-chain attacks, and credential-theft campaigns continue to evolve.

The conversation explores how attackers gain initial access, how criminal ecosystems operate across infrastructure providers and services, and how AI is beginning to influence reconnaissance, social engineering, and large-scale campaigns.

We also examine geopolitical dimensions of cyber operations, the growing sophistication of phishing and identity attacks, and the role of threat intelligence in helping defenders anticipate and mitigate attacks before they escalate.

Check the full 2026 Cloudflare Threat Report

⏱️ Timestamps

00:12 — Introduction: Special 2026 Threat Report edition

00:58 — Threat Intelligence: Helping organizations prioritize defense

01:53 — Global Trends: Identity weaponization and hyper-volumetric attacks

04:44 — Record-breaking DDoS: Attack volume doubled from 2024 to 2025

05:40 — AI and cybercrime: shrinking the time from access to data theft

08:10 — Living off the Cloud: Malware hidden inside Google Calendar and OneDrive

10:43 — State-sponsored evolution: Cyber activity linked to the Ukraine war

11:28 — Persistent espionage: Chinese and Iranian state actors

13:56 — Industrialized cybercrime: Effectiveness over elegance

16:35 — The recruitment attack: Deepfakes in remote hiring processes

19:01 — Laptop farms: North Korean operators inside Western companies

21:28 — Detecting AI interviewees and “digital tics”

23:13 — Token theft: How attackers bypass MFA protections

25:40 — Human-in-the-loop phishing: Building trust before the payload

27:54 — Infrastructure rug-pulling: The “Nasty Shrew” campaign

31:52 — Advice for CISOs: Managing third-party integration risks

33:55 — Disrupting the chain: Neutralizing 400+ malicious domains in 2025

In this episode of This Week in NET (the second this week focused on building with AI), host João Tomé is joined by Steve Faulkner, Engineering Director at Cloudflare, to discuss how he rebuilt a Next.js-compatible framework in just one week using AI. The project, called vinext, began as an experiment and evolved into a working proof of concept.

We explore what AI-first development looks like in practice, how coding agents were used to rewrite and test large API surfaces, and what happens when you treat dependencies as something you can regenerate rather than maintain manually.

The results were surprising: faster local builds, smaller bundles, deployment to Workers with a single command, and a total AI token cost of roughly $1,100.

We also discuss:

• Using voice-to-code workflows (SuperWhisper + local models)

• AI reviewing code multiple times

• Whether AI-assisted rebuilds will become common

• What this means for 2026 and beyond

Mentioned blog posts:

• How we rebuilt Next.js with AI in one week

⏱️ Timestamps 

0:12 — Introduction: the latest on the Cloudflare blog (monitoring post-quantum encryption and ASPA routing; JavaScript Streams — why we deserve a better API)

3:22 — Steve’s role and Workers platform overview

4:34 — How the idea came to be

6:11 — When AI tools became “good enough”

7:13 — Tooling setup: OpenCode, Claude, parallel agents

9:03 — AI beyond coding: management and markdown workflows

10:58 — What AI-first development actually means

12:03 — Performance gains: 4x faster builds, 57% smaller bundles

14:11 — ~$100 in tokens: the real cost

15:35 — Deploying to Workers with one command

17:25 — Community feedback and early adoption

19:09 — Will AI rebuild other frameworks?

20:25 — Voice-to-code workflows (SuperWhisper, Parakeet)

23:31 — Traffic-Aware Pre-Generation (TPR) explained

25:23 — Production caution and security

26:19 — How to get started (use AI to migrate your app)

27:12 — The big takeaway: AI is changing how we build software

In this episode of This Week in NET, host João Tomé is joined by Matt Curry to break down Code Mode: a way to give AI agents access to the entire Cloudflare API (2,500+ endpoints) using two tools and roughly ~1,000 tokens of context.  

Instead of exposing thousands of individual tools (which quickly becomes expensive and brittle), Code Mode lets the model write JavaScript to search and execute against a compact API context. The result is massive compression, lower cost, and better performance.

We also include demos showing how agents can query real infrastructure, navigate multiple accounts, and build things like multiplayer experiences using Durable Objects and WebSockets.

⏱️ Timestamps 

0:53 — Intro: agents, MCP, tokens, and what Code Mode means

2:53 — Why exposing 2,500+ endpoints as tools doesn’t scale

6:49 — How Code Mode works: generate an SDK and let the model write code

9:57 — Demo: querying deployed Workers and infrastructure

14:37 — Multiplayer with Durable Objects (live demo “wow” moment)

24:32 — Compression stats: 2 million tokens → ~1,000 tokens

27:26 — Code Mode SDK v2 and wrapping your own APIs

31:52 — The Sandbox: running untrusted code safely

38:03 — What’s next: progressive disclosure and MCP evolution

Mentioned blog posts:

• Code Mode: give agents an entire API in 1,000 tokens
  
  

In this episode, host João Tomé is joined by Celso Martinho, VP of Engineering at Cloudflare, to discuss two major launches: Markdown for Agents and Moltworker (for OpenClaw) — and what they signal about the future of AI agents on the Internet.

Celso explains how Markdown for Agents was conceived, built, and shipped in just one week, why AI systems prefer markdown over HTML, and how converting a typical blog post from 16,000 HTML tokens to roughly 3,000 markdown tokens can reduce cost, improve speed, and increase accuracy for AI models. We also explore Moltworker, a proof-of-concept showing how a personal AI agent originally designed to run on a Mac Mini can instead run on Cloudflare’s global network using Workers, R2, Browser Rendering, AI Gateway, and Zero Trust.

We discuss observability for AI crawlers, new monetization models for publishers, the rapid growth of agent ecosystems, and why AI is becoming less hype and more infrastructure.

Mentioned blog posts:

• Introducing Markdown for Agents
• Introducing Moltworker: a self-hosted personal AI agent, minus the minis

⏱️ Timestamps

1:15 — Introducing Markdown for Agents

1:46 — From idea to ship in one week

2:37 — Why AI systems prefer markdown over HTML

3:30 — HTML “packaging” vs semantic content

4:39 — How Cloudflare converts HTML to markdown in real time

5:19 — Token savings: 16,000 vs 3,000 tokens

6:29 — Context windows, cost, and AI efficiency

8:21 — Tracking markdown trends in Cloudflare Radar

9:05 — Live demo: content negotiation header with curl

11:07 — AI projects in Lisbon: AI Search, PaperCrawl, and more

12:36 — Observability and new monetization models for publishers

13:56 — What is OpenClaw and why it went viral

14:54 — From Hacker News to Cloudflare in hours

17:06 — Running OpenClaw on Cloudflare instead of a Mac Mini

18:05 — Why this is a proof of concept (not a product)

20:06 — Architecture: Zero Trust, Workers, R2, Browser Rendering, AI Gateway

22:32 — Demo: AI agent records and posts a video automatically

24:53 — 10,000 GitHub stars and open source support

26:11 — AI in 2026: intensifying work, not replacing it