Cloudflare Launches First SASE Platform With Native MCP Server Security — Free AI Endpoint Discovery, IBM and Wiz Partnerships at RSAC 2026

Cloudflare made two significant product announcements timed around RSAC 2026 that position it as the first major infrastructure platform to offer native security governance for AI agent protocols.

First, AI Security for Apps reached general availability on March 11, 2026. The product operates as a reverse proxy layer in front of AI-powered applications regardless of model or hosting provider. It automatically identifies LLM-powered endpoints across web properties — including non-chat applications like product search, recommendation engines, and property valuation tools — by analyzing endpoint behavior rather than URL patterns. Critically, Cloudflare made AI endpoint discovery free for all plan tiers including Free, Pro, and Business, removing the cost barrier and establishing itself as the default starting point for AI security.

Second, Cloudflare One is now the first Secure Access Service Edge (SASE) platform to secure connections to Model Context Protocol (MCP) servers. The MCP Server Portal centralizes all MCP request logs, enforces least-privilege access by authenticating every user and agent connection by identity, and aggregates all MCP servers behind a single unified endpoint. This is operationally significant because organizations deploying agentic workflows currently manage individual MCP server configurations manually. Centralizing this into an existing Zero Trust control plane changes the operational burden significantly.

Cloudflare also joined the Cloud Security Alliance's new CSAI Foundation launch at RSAC, alongside IBM and Wiz partnerships that extend AI Security for Apps into their cloud ecosystems. These are distribution moves that embed Cloudflare's AI security into the two largest enterprise cloud and security ecosystems.

The broader strategic pattern: Cloudflare has systematically absorbed standalone security categories — email security (Area 1 acquisition 2022), browser isolation, DLP, and CASB (unified 2023) — into a single platform. The AI and MCP security moves follow the same playbook, threatening MCP security startups, AI prompt inspection tools, and shadow AI discovery vendors who now compete with a free tier from an established platform.

This is particularly relevant in the context of RSAC 2026's 30 MCP CVEs in 60 days finding and the 38% of MCP servers lacking authentication — Cloudflare is offering the enterprise-grade governance layer that the MCP ecosystem urgently needs.