 All right, let me see if I can get my... Can I have a microphone that works? Hello? Ah, there we go, perfect. Okay, so how many people here know what Cloudflare is? That's a pretty good lot, but all the people who don't know what Cloudflare is, you've already used it today without realizing. So, Cloudflare has about 7.5 million websites, apps, APIs that use it, and literally, everybody on the planet goes through our network every week, at least. And what we do is we make that experience faster and more secure. So, what Cloudflare has, early on it said, helped me to build a better internet. That's really our goal, is to try and improve on things that are in the internet. We've all got used to the internet for a daily life. We expect it to be fast. We expect it to be able to walk out into the street, press, give me a grab taxi, and get the answer like that. And we expect it to be secure. We expect to be able to do banking, look at dating websites, things that are very private. So, that's what Cloudflare is all about, is trying to make the internet a better place. The key thing here is that we are what we call an edge service provider, and that term is a bit strange. What's the edge? The edge is really the boundary where a business and the end user meet on the internet. So, it's the place that your web browser or your app on a phone connects to when you go to something, and it's where the business publishes itself on the internet, essentially. So, it's that boundary point. There isn't really a place because it's diffused across the internet, but that is the point at which those two things connect together. And the reason it's important is that that is the place where you can do security because you can stop and attack as early as it happens, and it is also the place where you can add performance because the closer you are to the end user, the better you can make their experience. You can optimize the experience. So, this is my idea. It's where you touch the internet, where you actually use it. Now, I'm going to tell you a silly story. Some time ago, I was walking down the street in London, listening to Bonnie Tyler on my phone, and I hit Next on my phone. Just give me the next song with Apple Music, and this U2 album started playing. I don't have this U2 album on my phone. This is the day that Apple decided to give everybody a U2 album for free. They gave everybody a U2 album. And I didn't want this, but what was striking was that it started playing immediately. It started downloading onto my phone, instantaneously playing, which is quite stunning if you think about it, which is suddenly in the street, I could get music like that. But I then instantaneously thought, I don't want this, I think I'll just Google how do I get rid of it. So, I went and Googled how do I get rid of this U2 album I didn't ask for, and I had a different experience at this point. At this point, it was extremely slow to get that response. There was this pause while Google did something, and you got a response. And that's, you know, eventually it came up like this, right? There's something that's almost a contradictory there. On the one hand, the streaming album could appear just like that. On the other hand, I couldn't get an answer quickly to a request about something. And so, why is that? Well, fundamentally, it's because of two things. I picked the UK here since I live in the UK, but this is, since 2011, the change in broadband speeds, the average speed you can get internet connectivity in the UK. So, guess what? It's gone up. And the same thing is true in every country in the world. We've got faster and faster connections, be they broadband connections at home, mobile connections. That allows something like a music album or a video to be thrown at your phone or at your TV at home very, very rapidly. At the same time, we have not made any real progress on the speed of light. This is the change of the speed of light in the same period. It's essentially flat, pretty much flat, I think. And it's the speed of light that really messes things up. You can get a tremendous amount of bandwidth where you can send something. But any time you have to go back to the service, you're hitting the speed of light. And although the speed of light is very, very big, it turns out that it's not actually fast enough to give us the instantaneous response that we'd really like. So, the further you are away from a server, the worse things are. And I'm sure many people in Singapore have experienced this. If you hit a web server, which is on the other side of the world, it can be slow. But that's the speed of light screwing up. And certainly Australians feel it very badly because they are physically far away from a lot of the actual infrastructure of the internet. So, what do you do about this? Well, this is obviously the planet. And the colouring here is roughly where the population of the planet is. So, if you want to solve this problem, what you do is you put data centres absolutely everywhere. This is Cloudflare's current network. We're essentially trying to build out wherever there's population. Now, it's slightly skewed because where there's population and where the internet cables are are slightly different things. So, the map is slightly odd. But the idea is to be really close to everybody so you get the performance benefits. And if I just draw, if you zoom in on North America, so we have this many pop-ups. And this circle here is 10 milliseconds from that data centre. You can get, at the speed of light, in copper, 10 milliseconds away from there. So, you can't get very far in 10 milliseconds. Every time you go back and forth, you are incurring a delay. So, you try and cover the whole planet with these 10 second circles so you can cover everything. And obviously, we'll be building out anywhere this population that we haven't covered. That allows us to do security and performance things. So, here we are today. This is the only kind of sales-y slide. There's a whole bunch of data centres. The key thing here is we handle about 10% of the internet. That's how I get to the claim that you've used us this week. Because you've been to some website, you saw a map that used us. And we have about 15 terabits per second network capacity. And the reason this is important is people are doing massive DDoS attacks on things at the moment. So, the internet is great. It's for everybody. And in fact, it turns out it's for everyone to get attacked on. So, one of the surprising things about the internet is exactly who gets attacked. And so, it's quite obvious. People obviously think, well, you know, who gets attacked? Political organisations or, you know, dubious services. But actually, you know, well, at the moment, everything that's to do with cryptocurrencies gets attacked. So, anywhere there's money, you get DDoS attacks. So obviously, in the gaming industry, you get continuous DDoS. It turns out, actually, that in ride sharing, you get DDoS attacks. Because if you can knock off the app, you might use a different app. Right now, cryptocurrencies are really, anyone who's got an exchange is dealing with DDoS attacks. Florists. Now, you wouldn't think florists would get DDoSed. But the reason florist gets DDoSed is that their business is quite cyclical, certain points at which they will have a large amount of their business. So around some Valentine's Day. So if you can DDoS your rival online florist just before February the 14th, you can steal their business. And this pattern follows in many industries where you see people DDoSing each other. Some of them totally legitimate like florists, some of them not. There's another great story. This is, this was an American slide I didn't recognise. This is a standardized test in the US where you fill in little dots. But the story behind this actually is that in the Netherlands, there is an online test that people do for certain qualifications, certain professional qualifications. And a few years ago, there was a student who didn't study. And these were all done the same day. You all go at the same time and you do your test. The student in the study and thought, well, how do I get out? Well, if the online testing is not available, I can say I couldn't. So he actually paid a DDoS service to DDoS, the government service that does this test on that day. No one could take the test. And he got an extra month or so to study. So DDoS, the thing is DDoS is weird because people think about the headline numbers, but what they don't see is the continuous nature of DDoS attacks. So in 2016, there was a DDoS attack against a company called Dyn, which is now part of our DNS provider. And here again is another thing people don't think about with DDoS. People often think about DDoS as going against a particular website or a particular service. In the case of Dyn, they went after the DNS infrastructure, which was used by a huge number of services. And there was a sort of a brownout across the internet as all these things couldn't be reached. And again, DDoS tends to attack not just frontally against particular websites, but against whatever infrastructure people can find. So one of the problems with DDoS is you can't really stop them alone. And this is because there is an asymmetry in the internet. It's much easier to be an attacker than a defender. You can much easily get a huge amount of firepower. And I'll show you exactly how to do that if you want. But to give you some idea, this is, I mean, make sure I don't fall off the stage. Over here, I've got an ordinary fast internet connection for a website, which is 10 gigabits per second if you're renting a really fast connection. So in 2007, the largest DDoS stack was 24 gigabits per second. So that was already completely overwhelming. And over time, it's gone up. So this year, the largest one was 1.7 terabits per second. So this thing is knocked off line. No matter what you do, you need some technique to deal with this. Whether it's a service provider or hardware, because the scale of this has got so large that it's impossible to defend against. Now, these are the headline numbers, right? These are the things that get impressed. The world's biggest DDoS, kind of nonsense. The reality is that DDoS attacks go on absolutely continuously. So this is the last few days, large attacks mitigated by Cloudflare. So lots at 40 gigabits per second, lots at 250, one at 340. So you've got multiple happening. So Cloudflare is continuously under DDoS attack. One of our customers is continuously under attack. And these are the larger sized ones, because there's always somebody who somebody dislikes and wants to knock off line. So the reality of DDoS is it's not just there are large headline numbers, but there's a continuous nature to it. There's always something that gets attacked. And again, even the smallest one here is four times the size of a decent internet connection. Very hard to defend against without some additional help. Along the bottom we've got some of the technologies which are being used, and I'll talk about those in a minute. This one was recently announced, the GitHub, you know, popular service had a 1.3 terabit per second attack. They used Prolexic to mitigate it. They went down for about eight minutes until they manually switched over to do DDoS mitigation. But that's pretty large, that's the largest, that was the largest that day. There was another one which was 1.7 terabits per second, which has not been discussed to it was. But they were, again, they managed to defend against. Just to talk about why these attacks get large, you build some weapon. And so what do you build the weapons out of? Well, there's a few different things. Most recently there's a lovely piece of software called Memcache, which is very widely used to make websites faster and other services. It turns out that there were a huge number, 87,000 of those machines, running this software on the internet exposed that could be used as a vector for doing DDoS. And what I mean by that is, it was possible to go ask one of those machines, please send a whole load of traffic to this thing over here. Just direct a load of traffic over there. And if you ask a number of them to do the same thing, you suddenly got a huge flood of traffic hitting a target. And it turned out that this was very potent. That's why we got some of the very, very large DDoS attacks that we saw. And this, by the way, this view, this is from a search engine, a specialized search engine where you can go find vulnerable machines. So there's a thing called show done. If you want to say, hey, I want to look up machines that might be vulnerable to this kind of problem. And yeah, here you go, draw your nice map and tell you how many there are. In those attacks, we spread all over the world. So there were these machines all over the world, particularly in Europe. There are a lot because of some configurations there. A very large number in China. Now, one of these things interesting about China is that you will often read in the press, this was a Chinese attack. China, scary. The reality is, there's a quarter of the internet users in the world are in China. That is the largest place in the world for the internet. So if you were to just throw darts at internet users in the world, guess what? You'd end up a huge number in China. So it's just a fact that that network is much larger than the rest of the world that you get a lot in China. Sure, there are also attacks that originated China, but if you're building a network of machines, you'll end up with a lot in China. So the problem here is this asymmetric and I'm going to talk about how it's asymmetric. So let's just talk about a DDoS attack here. We've got some victims in the US and some evil persons in the UK. Some reason they're often in the UK. So I mean what you would originally do is you would go out and would find a whole load of machines that are hacked around the world or have a vulnerable service running on them. And you would ask them to direct traffic to a victim. Now the reason this works is that the internet itself does not have any authentication. It doesn't have any way of proving that traffic came from somewhere. So what's happening is the victim, the attacker there, is pretending to be the victim and is sending a message to all those machines around the world saying, hey, I'm victim, please send me information. And in this case, all those servers around the world say, OK, here's the information you wanted. Even worse than that, the request that went out was very, very small. It's often a very little thing like, give me this piece of information. But the response back, the information returned, was gigantic. So in the case of the memcached attacks that took offline GitHub, it was 51,000 times larger the response than the request. So the attacker is sitting there, potentially in a coffee shop with not a very fast internet connection, pretending to be the victim saying, hey, I'm the victim, I'd like information from you, a bunch of machines around the world and bam, that thing is offline. It's completely asymmetric, very hard to defend against. So how do you defend against this? Well, you know, you've got all this traffic coming into a location. There are a couple of ways of doing it. One is the traditional scrubbing center. You have some really big computers somewhere and you direct all the traffic there, which is what GitHub did. The cloudflare way is to actually have all those data centers around the world act in concert so that wherever the attacker is, because we are close to the end user, wherever the attacker is, we absorb their traffic locally. And that way it never leaves the region in which it started from. So one question, most of us will remember being afraid of viruses and worms. We've got antivirus on our computer and we're worried about getting in. It might break our computer or slow it down. And most of that stuff, like you might remember these things, Melissa and Storm, stuff like that, we've kind of forgotten about them. And the reality is, it's not that those things have gone away, it's that fundamentally what's happened with viruses is they've gone from vandalism, which is what they were at one point, and sort of showing off your technical ability to actually being a business. And so there are really three major things that people do with viruses. They build these enormous botnets for doing DDoS. And when they build those botnets, they rent them out. So you can then say, you built this thing, you send out a virus, you get a load of machines and you rent them to people. Banking trojans, these are hugely popular, particularly in South America, which is you infect someone's computer, you wait for them to log in to their online banking and then you do a transaction. You transfer some money out of their bank account, very popular in some locations. And lastly, ransomware, which you've heard a lot about, you know, encrypt all your files and make you pay some amount of money. But the top one is interesting, right? You can build a botnet, you can turn that into a business. So this is an app. It's from a DDoS website. So for $25, I can have 350 gigabits per second. So this is what probably the student in the Netherlands did. They just went online, got out a credit card and paid to have somebody knocked off line. Though it's a reasonable business. Now, most of these people who run these, they make a bunch of money for a little while. Usually they brag about it and then they get arrested. So typically the cycle. Just to give you some idea of how easy this is, I'm going to do a little example. So in the UK, there's about 24 million subscribers and actually the average speed is not 4.3. It's a mistake. It's 3.7 megabits per second upload. So if you're uploading to attack. So how many British broadband subscribers do you need to hack in order to take someone offline? Well, okay, so let's suppose you choose, we're going to attack someone who has a 10 gigabit per second connection. So okay, 10 gigabit per second by 3.7. Okay, I'll use a slide rule for that. So 20, if I can just take over 2,700 broadband subscribers in the UK, I can knock someone offline. It's really a not very large number. And this is what that looks like. SSDP is this is a real attack that happened a couple of weeks ago. SSDP is a protocol you probably know better as plug and play. It's the thing that allows you to plug stuff in at home and it reconfigures your broadband at home to let a gaming console work or something like that. It's a nightmare from a DDoS perspective because on many broadband connections at home, it will respond to requests on the outside, on the internet side, not just inside your house. And so what you can do often is say to it, tell me everything about what's inside this particular network and it'll give you a list of printers and all that sort of information. And actually this is a protocol where you can lie about you being the victim. So you can say to, I'm the victim, I'd like to have this information. So this is a real attack from a couple of weeks about 300 gigabits per second. What's interesting is this happened hourly, about on the house, the automated it once an hour, run about 300 gigabits. And so this will be 20,000 home broadband connections somewhere blowing a machine offline. We've also seen an attack like this over critical business periods and Thanksgiving in the U.S., we saw one that ran every day only during. So about half a terabit per second, somebody at 8 a.m. started and ran it for eight hours and stopped. It really looked like running a business where they were knocking offline. So that's DDoS attacks. The only solution to them, well, one solution is to not get attacked. That's very hard because even if you're a florist you might. Another solution is you'll find something that will protect you. It's very hard. Switch gears slightly. I want to talk about what I call a fire door. So if you think about DDoS attacks, it's just overwhelming your side and knocking it offline. The other side of it is trying to break in to the service that you have online. And one of the problems is that the rate at which new vulnerabilities are found in web server software or in application software is such that it's very hard to defend without some sort of firewalling in place because as soon as there's a new vulnerability, the bad guys start exploiting it. Typically within minutes to hours. So you'll see it published and you'll be you'll be hey, oh, there's some horrible vulnerability in this piece of software. And while you're reading it, someone else is exploiting it already trying to attack things within within minutes. So you need something that I call this a fire door because the purpose of fire doors is there's a fire outside. It gives you enough time to patch your systems. That's what really what a WAF or a web application firewall will do. So this is the graph of the number of vulnerabilities found by year. You can see it's gone crazy within the last couple of years. So keeping up with this, you know, you have to keep your software patch. It's very easy to just patch your software, but you can't patch fast enough. And this is what happened to Equifax in the US. They knew about the vulnerability in Apache struts. They were in the process of patching it, but they were already packed. It was just too late. Talk about people. We, Cloudflare, sorry, 11 of the US presidential candidates, including, well, actually not including, and it was interesting to see how they got attacked. First of all, every single one got attacked more than others. You might be able to guess who it is. So if we looked at, to kind of break of these candidates. So everybody other than act pretty consistently. This is number of attack requests per day up until the election. A lot of activity once things got going, and then they just sort of got this buzz of a few thousand attacks per day, put them all together. Trump, I was a bit different. So the scale on this is millions rather than thousands. So he, on one day there there was 15 million attempts to break into his website. And that continued for a long time. So what's interesting here is it's really related to current events. So he made some comments and boom, people are trying to knock him offline. It's not working very well. Was really scared of. They declared in March 2016 Operation Trump, but they're going to knock him offline. Can't even see the bump. So he was getting attacked continuously. After he became the candidate to sort of carried on, it was really to do with his initial comments. It was a million requests in one day. We see this sort of pattern to do with current events. A launch a new product or someone makes a statement about it's not. Yeah. Okay. I'll use this. So we see these sorts of patterns happen. You know, it doesn't matter what the website is. And this was just just putting it all together. So, you know, this is the Trump campaign website. The orange is the Trump businesses. And then the other one, you can't even see is the other candidates. So clearly he got attacked a lot more than others. So what's Cloudflare trying to do is try to solve these two problems by being everywhere on the Internet. So build out data centers around the world, be near people so we can make the Internet faster. Stop attacks where they originate by doing it across the world. And by doing so, I think we can provide a better experience overall. There are lots of things that were never built into the original infrastructure of the Internet. There's no performance in it. Right? It's just an unreliable delivery mechanism and there's no security inherently in the Internet. So that's what we're doing on top. And finally, I mean, there was a good sort of end to this story which they did actually provide a remove this U2 album. Eventually I was able to download it and remove it. All right. That's it. Thank you. I think I'm going to hand over to Sebastian who's going to tell us about his experience using Cloudflare. Thank you very much.