Case Study: Carousell achieves secure internal networks and seamless remote employee access with Cloudflare Zero Trust

Securing Carousell’s internal networks and providing seamless remote employee access with Cloudflare Zero Trust

Carousell is one of Asia’s largest C2C marketplaces — serving millions of users and more than a quarter of Singapore’s population, delivering over 1 PB of images per month and handling traffic spikes of 3x during flash sales. As the company moved to remote and international workforces, it needed to secure internal networks and provide seamless, low-friction employee access without the complexity of traditional VPNs or cumbersome ZTNA alternatives, while preserving site performance and visibility into access events.

Carousell extended its long-standing Cloudflare partnership — using Cloudflare’s global edge network and WAF for CDN, caching, SSL, and security — and implemented Cloudflare Zero Trust to replace legacy VPNs. The solution enforces per-app, identity-provider–based access with centralized administration and a single agent, saving developers at least 15 minutes each per month, freeing SRE time, eliminating VPN maintenance, improving auditability and access visibility, and strengthening security without adding latency or impacting user experience.

Carousell

Sanjeev Jaiswal

Senior Director of DevOps, SRE, Platform, and Cybersecurity Engineering