cloudflare · Maddy-Cloudflare · Mar 3, 2026 · Mar 2, 2026 · Mar 2, 2026 · Mar 2, 2026
@@ -26,12 +26,15 @@
 9. In the **Name** field, we recommend entering the version number of the package being uploaded.
 10. In the **Publisher** field, we recommend entering `Cloudflare, Inc`.
 11. In the **Command-line arguments** field, enter a valid installation command. For example:
-   ```txt
-   /qn ORGANIZATION="your-team-name" SUPPORT_URL="http://support.example.com"
-   ```
-   Refer to [deployment parameters](/cloudflare-one/team-and-resources/devices/warp/deployment/mdm-deployment/parameters/) for a description of each argument. You can change these parameters at any time by pushing a new [MDM file](#update-mdm-parameters).
-12. Select **Next**.
-13. Add the users or groups who require Cloudflare WARP and select **Next**.
+
+    ```txt
+    /qn ORGANIZATION="your-team-name" SUPPORT_URL="http://support.example.com"
+    ```
+
+    Refer to [deployment parameters](/cloudflare-one/team-and-resources/devices/warp/deployment/mdm-deployment/parameters/) for a description of each argument. You can change these parameters at any time by pushing a new [MDM file](#update-mdm-parameters).
+
+12. Select **Next**. 
+13. Add the users or groups who require Cloudflare WARP and select **Next**. 
 14. Review your configuration and select **Create**.
 
 Intune is now configured to deploy the WARP client.
@@ -65,7 +68,7 @@
        		<key>auth_client_id</key>
        		<string>88bf3b6d86161464f6509f7219099e57.access</string>
        		<key>auth_client_secret</key>
        		<string>bdd31cbc4dec990953e39163fbbb194c93313ca9f0a6e420346af9d326b1d2a5</string>
        	</dict>
        	<key>configs</key>
        	<array>
@@ -135,7 +138,11 @@
 
 #### 1.1 Download user-side certificate
 
-<Render file="intune-download-certificate" product="cloudflare-one" params={{ os: "macOS" }} />
+<Render
+	file="intune-download-certificate"
+	product="cloudflare-one"
+	params={{ os: "macOS" }}
+/>
 
 #### 1.2 Upload user-side certificate to Intune
 
@@ -194,9 +201,10 @@
    ```bash
    codesign -dv --verbose=4 /Applications/Cloudflare\ WARP.app 2>&1 | grep Identifier
    ```
+
    Expected output:
 
-   ```output
+   ```txt
    Identifier=com.cloudflare.1dot1dot1dot1.macos
    TeamIdentifier=68WVV388M8
    ```
@@ -341,7 +349,11 @@
 
 #### 1.1 Download user-side certificate
 
-<Render file="intune-download-certificate" product="cloudflare-one" params={{ os: "iOS" }} />
+<Render
+	file="intune-download-certificate"
+	product="cloudflare-one"
+	params={{ os: "iOS" }}
+/>
 
 #### 1.2 Upload user-side certificate to Intune
 
@@ -379,11 +391,11 @@
 
 4. Select **Search the App Store** and search for the [Cloudflare One Agent](/cloudflare-one/team-and-resources/devices/warp/download-warp/#ios). After you have found the Cloudflare One Agent, select it and select **Select** to continue.
 
-	:::caution[Add the right app]
+   :::caution[Add the right app]
 
-	Make sure to add the [Cloudflare One Agent](/cloudflare-one/team-and-resources/devices/warp/download-warp/#ios) application. Do not add the 1.1.1.1 app.
+   Make sure to add the [Cloudflare One Agent](/cloudflare-one/team-and-resources/devices/warp/download-warp/#ios) application. Do not add the 1.1.1.1 app.
 
-	:::
+   :::
 
 5. The fields in **App information** will be filled in automatically. Select **Next** to continue.
 
@@ -403,24 +415,24 @@
 
 4. In **Settings**, select _Enter XML data_ and copy and paste the following:
 
-	```xml
-	<dict>
-		<key>organization</key>
-		<string>YOUR_TEAM_NAME_HERE</string>
-		<key>auto_connect</key>
-		<integer>1</integer>
-	</dict>
-	```
+   ```xml
+   <dict>
+   	<key>organization</key>
+   	<string>YOUR_TEAM_NAME_HERE</string>
+   	<key>auto_connect</key>
+   	<integer>1</integer>
+   </dict>
+   ```
 
-	Replace `YOUR_TEAM_NAME_HERE` with your [team name](/cloudflare-one/faq/getting-started-faq/#what-is-a-team-domainteam-name). Review the definitions of the above parameters in the [Parameters documentation](/cloudflare-one/team-and-resources/devices/warp/deployment/mdm-deployment/parameters/).
+   Replace `YOUR_TEAM_NAME_HERE` with your [team name](/cloudflare-one/faq/getting-started-faq/#what-is-a-team-domainteam-name). Review the definitions of the above parameters in the [Parameters documentation](/cloudflare-one/team-and-resources/devices/warp/deployment/mdm-deployment/parameters/).
 
-	:::tip[Successfuly complete your registration]
+   :::tip[Successfuly complete your registration]
 
-	You should set the [`auto_connect`](/cloudflare-one/team-and-resources/devices/warp/deployment/mdm-deployment/parameters/#auto_connect) parameter to `1` to ensure the WARP client auto-connects to Cloudflare. If you set this parameter to `0` or exclude it, the client will not auto-connect, and registration will not complete successfully.
+   You should set the [`auto_connect`](/cloudflare-one/team-and-resources/devices/warp/deployment/mdm-deployment/parameters/#auto_connect) parameter to `1` to ensure the WARP client auto-connects to Cloudflare. If you set this parameter to `0` or exclude it, the client will not auto-connect, and registration will not complete successfully.
 
-	If you do not include this parameter, registration will not be complete without manual intervention by the user. Manual intervention requires opening the WARP application and attempting to connect.
+   If you do not include this parameter, registration will not be complete without manual intervention by the user. Manual intervention requires opening the WARP application and attempting to connect.
 
-	:::
+   :::
 
 5. In **Assignments**, select an option (for example, **Add all devices** or **Add all users**) that is valid for your scope. Select **Next**.
 

@@ -24,38 +24,38 @@ Cloudflare configures your Privacy Proxy instance to export telemetry to this en
 
 Privacy Proxy exports the following telemetry signals:
 
-| Signal | Description |
-| -------- | ------------- |
-| Metrics | Connection counts, request rates, latency histograms, error rates |
-| Traces | Per-request traces showing proxy processing time. Traces are sampled at approximately 1% of requests. |
+| Signal  | Description                                                                                           |
+| ------- | ----------------------------------------------------------------------------------------------------- |
+| Metrics | Connection counts, request rates, latency histograms, error rates                                     |
+| Traces  | Per-request traces showing proxy processing time. Traces are sampled at approximately 1% of requests. |
 
 ## Metrics
 
 Privacy Proxy exports metrics that help you understand usage patterns and performance.
 
 ### Connection metrics
 
-| Metric | Description |
-| -------- | ------------- |
-| `privacy_proxy_connections_total` | Total number of proxy connections |
-| `privacy_proxy_connections_active` | Currently active connections |
-| `privacy_proxy_connections_duration_seconds` | Connection duration histogram |
+| Metric                                       | Description                       |
+| -------------------------------------------- | --------------------------------- |
+| `privacy_proxy_connections_total`            | Total number of proxy connections |
+| `privacy_proxy_connections_active`           | Currently active connections      |
+| `privacy_proxy_connections_duration_seconds` | Connection duration histogram     |
 
 ### Request metrics
 
-| Metric | Description |
-| -------- | ------------- |
-| `privacy_proxy_requests_total` | Total CONNECT requests processed |
-| `privacy_proxy_requests_by_status` | Requests grouped by response status code |
-| `privacy_proxy_bytes_sent_total` | Total bytes sent to destinations |
-| `privacy_proxy_bytes_received_total` | Total bytes received from destinations |
+| Metric                               | Description                              |
+| ------------------------------------ | ---------------------------------------- |
+| `privacy_proxy_requests_total`       | Total CONNECT requests processed         |
+| `privacy_proxy_requests_by_status`   | Requests grouped by response status code |
+| `privacy_proxy_bytes_sent_total`     | Total bytes sent to destinations         |
+| `privacy_proxy_bytes_received_total` | Total bytes received from destinations   |
 
 ### Latency metrics
 
-| Metric | Description |
-| -------- | ------------- |
-| `privacy_proxy_connect_latency_seconds` | Time to establish connection to destination |
-| `privacy_proxy_first_byte_latency_seconds` | Time to first byte from destination |
+| Metric                                     | Description                                 |
+| ------------------------------------------ | ------------------------------------------- |
+| `privacy_proxy_connect_latency_seconds`    | Time to establish connection to destination |
+| `privacy_proxy_first_byte_latency_seconds` | Time to first byte from destination         |
 
 ## `Server-Timing` header
 
@@ -75,7 +75,7 @@ To visualize Privacy Proxy metrics in Grafana:
 2. Export metrics from the collector to Prometheus.
 3. Create Grafana dashboards using Prometheus as a data source.
 
-```promql title="Example Prometheus queries"
+```txt title="Example Prometheus queries"
 # Request rate over time
 rate(privacy_proxy_requests_total[5m])
 

@@ -3,19 +3,30 @@ pcx_content_type: concept
 title: Brand Protection
 sidebar:
   order: 7
-  badge:
-    text: Beta
 ---
 
 import { AvailableNotifications, Render, DashButton } from "~/components";
 
+<Render file="brand-protection-definition" product="security-center" />
+
 :::note[User permission]
-While the Brand Protection tool is in beta, all Cloudflare Enterprise customers have automatic access to Brand Protection, including five saved queries. Only Admin, Super Admin and users with a Brand Protection role can access Brand Protection
+Access to Brand Protection is managed through [Cloudflare RBAC](/fundamentals/manage-members/roles/).
+
+Only users with the following roles can access and configure Brand Protection:
+
+- Super Admin
+- Admin
+- Brand Protection (custom role)
+
 :::
 
-<Render file="brand-protection-definition" product="security-center" />
+## Types of queries
+
+Cloudflare Brand Protection offers two distinct methods for monitoring impersonation: domain search and logo search.
 
-## Domain search
+### Domain search
+
+Search for domains based on text patterns, misspellings, or service combinations.
 
 To start searching for new domains that might be trying to impersonate your brand:
 
@@ -25,7 +36,7 @@ To start searching for new domains that might be trying to impersonate your bran
 
 2. In **String query**, provide a name for your query. You can add multiple brand phrases on the same query, and the results will generate matches for all of those. Once you entered the string queries, select **Search matches**.
 
-3. In the **Character distance**, select from `0-3`. The number of characters the results can differ from your domain.
+3. In the **Character distance**, select from `0-3`. This defines how many characters a result can differ from your string (for example, a distance of 1 would catch `clpudflare.com`). The number of characters the results can differ from your domain.
 
    :::note
 
@@ -38,45 +49,19 @@ To start searching for new domains that might be trying to impersonate your bran
 
 In the section **Monitor Strings**, you can check all the string queries that you selected to monitor. You can delete, clone, or create notifications for a string query. Refer to [Brand Protection Alerts](#brand-protection-alerts) to set up notifications.
 
-### Report abuse
-
-:::note[Submit abuse report]
-You can only submit an abuse report if your domain is with [Cloudflare Registrar](https://www.cloudflare.com/products/registrar/), or if the IP used by the domain is hosted by Cloudflare.
-:::
-
-To submit abuse reports directly from the dashboard:
-
-1. In the Cloudflare dashboard, go to the **Brand Protection** page.
-
-   <DashButton url="/?to=/:account/security-center/brand-protection" />
-2. Go to **Monitor Strings**, select the query you want to report.
-3. Select **Report to Cloudflare**.
-4. Fill in the details to submit an abuse report.
-5. Select **Submit**.
-
-To view abuse reports, in the Cloudflare dashboard, go to the **Abuse Reports** page.
-
-   <DashButton url="/?to=/:account/abuse-reports" />
-
-You can review abuse reports against your zones and any mitigations taken against reports in response.
-
-You can also **Request review** of most mitigations.
-
-## Logo search (AI-powered)
+### Logo search (AI-powered)
 
 Logo search uses computer vision to detect domains using your visual assets, even if the domain name does not contain your brand string.
 
 To set up a new logo query:
 
 1. Select **Monitor Logos** and select **Add logo**.
-3. Add a name for your query and upload your logo. Only the `.png`, `.jpeg`, and `.jpg` file extensions are supported.
-4. Set the threshold: Set a match threshold (the minimum is 75%). A higher score ensures high-precision matches, while a lower score catches remixed or slightly altered versions of your logo.
-5. Select **Save logo**. The system will now scan newly detected infrastructure for visual matches.
+2. Add a name for your query and upload your logo. Only the `.png`, `.jpeg`, and `.jpg` file extensions are supported.
+3. Set the threshold: Set a match threshold (the minimum is 75%). A higher score ensures high-precision matches, while a lower score catches remixed or slightly altered versions of your logo.
+4. Select **Save logo**. The system will now scan newly detected infrastructure for visual matches.
 
 The browser will return to the **Monitored Logos** page, where you can access your query and configure notifications.
 
-
-
 ## Investigate a query
 
 In this section, the dashboard displays:
@@ -92,16 +77,40 @@ To investigate a string query:
 2. Select a monitored query to inspect all the domains that matched your query.
 3. Next to the domain, select **Domain** or **URL**. This will trigger a search on the [**Investigate**](/security-center/investigate/) section in a separate tab. URL scanner will also be triggered from **Brand Protection** through **Security Center** > **Investigate**. You will also have access to a report which will be generated automatically. The report will display screenshots of the matched domain, and the registrar of your domain.
 
+## Report abuse
+
+:::note[Submit abuse report]
+You can only submit an abuse report if your domain is with [Cloudflare Registrar](https://www.cloudflare.com/products/registrar/), or if the IP used by the domain is hosted by Cloudflare.
+:::
+
+To submit abuse reports directly from the dashboard:
+
+1. In the Cloudflare dashboard, go to the **Brand Protection** page.
+
+   <DashButton url="/?to=/:account/security-center/brand-protection" />
+
+2. Go to **Monitor Strings**, select the query you want to report.
+3. Select **Report to Cloudflare**.
+4. Fill in the details to submit an abuse report.
+5. Select **Submit**.
+
+To view abuse reports, in the Cloudflare dashboard, go to the **Abuse Reports** page.
+
+<DashButton url="/?to=/:account/abuse-reports" />
+
+You can review abuse reports against your zones and any mitigations taken against reports in response.
+
+You can also **Request review** of most mitigations.
+
 ## Brand Protection API
 
-The [Brand Protection API](/api/resources/brand_protection/) allows you to:
+The [Brand Protection API](/api/resources/brand_protection/) allows for programmatic management and integration with your [SOC](https://www.cloudflare.com/en-gb/learning/security/glossary/what-is-a-security-operations-center-soc/) or [SIEM](https://www.cloudflare.com/en-gb/learning/security/what-is-siem/). Using the Brand Protection API, you can:
 
-- Create new strings or logo queries
-- Delete strings or logo queries
-- Download matches for both logo and string queries
-- Read matches for both logo and string queries
+- Manage queries: Create, edit, or delete string and logo queries.
+- Data retrieval: Read and download matches for automated ingestion.
+- Query editing: Update existing query parameters without losing historical data.
 
-## Brand Protection Alerts
+## Notifications and alerts
 
 <Render file="brand-protection-alerts" product="security-center" />
 
@@ -124,7 +133,7 @@ To set up a Brand Protection Alert:
 
 Manage your notifications in the **All notifications** tab. You can disable, edit, delete, or test them.
 
-## Limitations
+## Subscriptions and limitations
 
-- While this product is in beta, all Enterprise customers and Cloudforce One subscribers have access to Brand Protection. Enterprise customers are entitled to five saved queries for their account.
+- Self-serve users can subscribe directly to add monitoring capacity to their account.
 - You may only use the Brand Protection search tools to search for domains that may be attempting to impersonate your brand or a brand that has authorized you to conduct such search on its behalf.
@@ -3,6 +3,6 @@
 
 ---
 
-Brand Protection works with Cloudflare’s ANS (Alerts Notification Service) to provide configurable alerts when new domains are detected.
+Brand Protection integrates with Cloudflare's ANS (Alerts Notification Service) to provide configurable alerts when new domains are detected.
 
 Any matches that are found during the new domain search are then inserted into an internal alerts table which triggers an alert for the user. This allows you to receive real-time notifications and take immediate action to investigate and potentially block any suspicious domains that may be attempting to impersonate your brand.
@@ -3,4 +3,10 @@
 
 ---
 
-Brand Protection gives you the ability to search for new domains that may be attempting to impersonate your brand. Common misspellings (`cloudfalre.com`) and concatenation of services (`cloudflare-service.com`) are often registered by attackers to trick unsuspecting victims into submitting private information such as passwords. Our system allows you to save search queries that run continuously and alert you if any new domains match those queries.
+Brand Protection allows you to proactively identify and mitigate domain impersonation and phishing attacks. By monitoring newly registered domains and visual assets across the Internet, Cloudflare helps protect your brand's reputation and prevents your customers or employees from submitting sensitive information to fraudulent sites.
+
+Common threats include:
+
+- [Typosquatting](https://en.wikipedia.org/wiki/Typosquatting): For example, typing `cloudfalre.com` instead of `cloudflare.com`.
+- Concatenation of services (`cloudflare-service.com`) often registered by attackers to trick unsuspecting victims into submitting private information such as passwords.
+- [Homoglyph attacks](https://en.wikipedia.org/wiki/IDN_homograph_attack) that use lookalike characters to trick unsuspecting victims.