Overview

Scrut integrates with Cloudflare via secure API key–based authentication to automatically ingest configuration data and user account details. The integration runs daily tests to validate deprovisioning of accounts when personnel leave, MFA enforcement, zone-level rule configurations, traffic filtering, and default encryption and replication settings for Cloudflare Workers KV. By syncing these insights directly into Scrut’s GRC platform, the integration eliminates manual checks and provides audit-ready evidence for compliance, security hardening, and access management.

Why Connect

• Prove firewall, SSL, and DDoS protections are active with audit-ready evidence
• Show MFA enforcement and deprovisioning for admin accounts
• Validate DNS and zone configurations for compliance.

Supported Automated Tests

Scrut provides pre-built automated tests for Cloudflare. Here are a few examples of Scrut’s Cloudflare tests:

• Access reviews completed for all in-scope applications
• Cloudflare accounts associated with users
• Cloudflare accounts deprovisioned when employees leave

Supported Automated Evidence

Scrut automates the collection of some evidences for Cloudflare. Here are a few examples of Scrut’s Cloudflare-driven evidences that can be collected:

• Enabled Multi-Factor Authentication
• Firewall Rule Review
• Network traffic restrictions for database (security group)
• Offboarding - Logical Access & Physical Access Revocation
• Reports of User Access Reviews
• User Access Approval list to Application, Infrastructure and Service