Cloudflare And OpenAI Launch Agent Cloud For Enterprises
Cloudflare expands its Agent Cloud with Dynamic Workers, sandboxed environments, and OpenAI model support. The platform aims to become the default runtime for AI agents, but the security implications of millions of autonomous code-executing agents deserve more attention.
Cloudflare Builds the Infrastructure Layer for AI Agents
Cloudflare has announced a major expansion of its Agent Cloud platform with new tools for building, deploying, and scaling AI agents. The release includes Dynamic Workers, an isolate-based runtime that spins up in milliseconds, plus new storage primitives and sandboxed Linux environments designed for autonomous code execution.
CEO Matthew Prince positioned the launch as a bet on the future: "We are entering a world where agents are the ones writing and executing code. Agents need a home that is secure by default, scales to millions instantly, and persists across long-running tasks."
What Is New
Dynamic Workers run AI-generated code in sandboxed isolates, claiming 100x the speed and a fraction of the cost of containers. Artifacts provides Git-compatible storage for agent-generated code. Sandboxes offer full persistent Linux environments where agents can clone repos, install packages, and iterate like human developers.
Cloudflare also expanded its AI model catalog through its Replicate acquisition, adding support for OpenAI GPT-5.4 and Codex alongside open-source models. Developers can switch between model providers by changing a single line of code.
The Security Angle
Running AI-generated code at scale introduces new attack surface. Every agent execution is a potential injection point. Cloudflare is leaning on its isolate architecture to contain risk, but the broader industry is still figuring out how to secure autonomous agents that can read, write, and execute code across networks.
This is where WAF and edge security providers become critical. Cloudflare already offers WAF, bot management, and API protection alongside its compute platform. Competitors like Fastly, Akamai, and AWS WAF will need to answer the same question: how do you secure a world where millions of autonomous agents are making API calls on behalf of users?
WAFplanet Take
This is a land grab. Cloudflare wants to own the runtime for the agentic web the same way AWS owned the cloud compute layer. The technical pieces are solid. Dynamic Workers at isolate speeds with proper sandboxing is a strong foundation.
The security implications are the story nobody is talking about enough. When every user has dozens of agents running code autonomously, the attack surface does not just grow. It multiplies. API security, rate limiting, and WAF rules all need to evolve for agent-to-agent traffic patterns that look nothing like human browsing. Check our Cloudflare vs Fastly comparison or browse the full WAF directory to see how providers are positioning for this shift.
