Case Study: SoFi achieves over 60% reduction in malicious traffic with Cloudflare

SoFi Overcomes Malicious Traffic with Cloudflare

SoFi, a San Francisco–based online financial services company with over 800,000 members and $40B in funded loans, faced constant, sophisticated cyberattacks. After trying several cloud-provider WAFs that proved feature-poor, hard to maintain, and time-consuming for engineers, SoFi needed an easy-to-use, robust solution to block malicious traffic without heavy operational overhead.

Cloudflare’s WAF and Workers delivered that solution: engineers quickly deployed granular rulesets and an edge mobile-validation layer, cutting malicious traffic by more than 60% with a low false‑positive rate and providing continuous protection against new vulnerabilities. The ease of deployment and low maintenance let SoFi expand its use of Cloudflare products with minimal engineering effort.

SoFi

Paul Shope

Security Engineer