Already on Cloudflare · the conversation is what comes next

1B+ components. 1M+ suppliers. 200K+ sites.
One developer platform built to broadcast it all in real time.

Z2Data's intelligent data platform ingests, scores, and broadcasts external risk across an extraordinary surface area — components, suppliers, manufacturing sites, market segments, countries, live events and news. Cloudflare's developer platform is the natural runtime for the next layer: edge-resident inference, semantic search across the component graph, AI-driven entity extraction from the live news feed, and per-customer tenancy for industries from Aerospace to Healthcare.

server: cloudflare · cf-ray on every response · cf-cache-status: HIT on z2data.com · the front door is already running on us — this sketch is about the back-end primitives.

See the product map  → Skip to the conversation
1B+
Electronic components indexed
1M+
Suppliers worldwide
200K+
Manufacturing sites mapped
10K+
PCNs tracked & deduplicated
105+
Regulations monitored (REACH, RoHS, UFLPA, CMRT...)
Trusted by global supply-chain leaders
Qualcomm NetApp Palo Alto Networks Teradyne Techtronic Industries QSC Rakon PDW

A risk-intelligence platform is, underneath, a real-time data pipeline.

Component databases, regulatory feeds, supplier filings, news wires, geopolitical events, and PCN documents flow in. Risk scores, alerts, BOM analyses, and supplier intelligence flow out — to web apps, ERP/PLM connectors, and customer dashboards across six industries. Cloudflare's developer primitives map cleanly onto every layer of that pipeline.

The Z2Data pipeline, sketched on Cloudflare primitives

Each box is a Cloudflare primitive doing the job it was designed for. None of it requires you to throw out what's there.
SOURCES
News + regulatory feeds, PCN docs, supplier filings, geo events
unstructured & semi-structured
INGEST + EXTRACT
Workers + Workers AI
entity extraction, dedupe, classify
STORE + INDEX
R2 + D1 + Vectorize
corpus · relational · semantic
SERVE + BROADCAST
Workers + Durable Objects
scoring, alerts, web + API
The shape of the platform fits the shape of the primitives. Z2Data is a data-broadcast company — you take a chaotic global signal and you publish a clean one. Cloudflare runs 330+ POPs in front of that broadcast already. Pushing the ingest + scoring + retrieval tiers onto the same edge collapses the distance between source and customer dashboard from continents to milliseconds.

Six products, six developer-platform centers of gravity.

Each Z2Data product has a different shape — some are read-heavy lookup (Part Risk Manager), some are write-heavy ingest (PCN Manager), some are graph traversal (Sub-Tier Intelligence). Each one maps to a different Cloudflare primitive as its natural runtime.

PRODUCT 01

Part Risk Manager → Vectorize + D1

1 billion+ components with deep MPN/AVL data, lifecycle status, forecasts, cross-references, BOM analysis. The lookup pattern is "give me everything semantically near this part number," not "give me an exact string match."

The wedge: Vectorize as the native vector layer for component similarity + D1 for the relational fields. Sub-50ms lookups from any POP, against a corpus that grows by millions of parts a quarter.
Vectorize D1 Workers
PRODUCT 02

Supply Chain Watch → Workers + Durable Objects

Map and monitor the entire supply chain with real-time event monitoring and market alerts across 200,000+ sites. The interesting state is per-customer: which sites am I watching, which alerts have I acknowledged, what's my custom risk threshold.

The wedge: Durable Objects give you a persistent, single-writer object per customer-site-watch — perfect for state-rich alert pipelines without standing up a separate Kafka + Postgres tier.
Workers Durable Objects Queues
PRODUCT 03

Sub-Tier Intelligence → Workers + Graph traversal

Identify risky and banned sub-tier entities, UFLPA compliance, forced-labor exposure, country dependency risk. This is graph traversal over supplier relationships — "who's two hops away from a banned entity?"

The wedge: Workers + D1 + Durable Objects for cacheable graph hops at the edge. Per-tenant graph snapshots in DOs; vector embeddings of supplier descriptions in Vectorize for fuzzy matching.
Workers D1 Vectorize
PRODUCT 04

PCN Manager → Workers AI + R2

Manage and deduplicate 10,000+ Product Change Notifications. Each PCN is a PDF or HTML doc that has to be parsed, classified, deduplicated against existing PCNs, and tagged to affected parts. Today this is hard, manual work.

The wedge: Workers AI for OCR + entity extraction + classification on every incoming PCN. R2 for the document corpus. Vectorize for semantic dedupe. AI Gateway sits in front for cost + observability.
Workers AI R2 Vectorize
PRODUCT 05

Compliance Manager → Workflows + R2

Monitor 105+ regulations (REACH, RoHS, UFLPA, CMRT, Prop65, ...), manage documentation, generate FMDs and COCs, export to PLM/ERP. Each customer audit is a multi-step workflow with handoffs and human approvals.

The wedge: Workflows give you durable, replayable, observable multi-step pipelines without standing up Temporal or Airflow. R2 holds the generated reports with zero egress when exporting to customer PLM/ERP systems.
Workflows R2 Workers
PRODUCT 06

Supplier Insights → AI Gateway + Vectorize

1,000,000+ supplier profiles with financials, patents, M&A alerts, event monitoring. The interesting query is "summarize this supplier's risk profile based on the last 90 days of public signal" — that's an LLM call, repeated millions of times across customers.

The wedge: AI Gateway in front of whichever LLM you use (OpenAI, Anthropic, Workers AI). Semantic cache for repeated supplier summaries. Per-customer + per-industry cost attribution included for free.
AI Gateway Vectorize Workers AI

The live news and events feed is where AI Gateway pays for itself.

Z2Data ingests a continuous stream of geopolitical events, regulatory updates, supplier news, and market signals. Each one has to be parsed, classified by industry/region/supplier, scored against every affected customer's BOM, and broadcast as an alert. That's a textbook AI Gateway workload — millions of small inference calls, enormous cache opportunity, and per-customer cost attribution that today is invisible.

A back-of-the-envelope, not a quote
Modeled across PCN ingest + news event classification + supplier summarization at $5 / M blended tokens (smaller specialist models)
DAILY AI CALLS ACROSS INGEST
~500K–1.2M
News events × affected supplier matching, PCN OCR + classification, supplier summarization on demand, regulatory text analysis.
SEMANTIC CACHE HIT RATE
45–65%
Supply-chain news clusters heavily by topic — "Taiwan earthquake affects TSMC fab" appears in dozens of feeds. Cache the summary once.
ANNUAL INFERENCE SAVINGS
$0.4M–$1.2M
Plus per-customer + per-industry attribution, which directly enables tiered pricing across Aerospace, Automotive, Healthcare, Telecom.
The real win isn't the savings, it's the attribution. When Aerospace & Defense customers, Automotive customers, and Healthcare customers each have their own AI cost line — broken out by ingest pipeline, by alert volume, by BOM depth — you can defensibly price industry packages, justify enterprise tiers, and decide which AI features deserve the next round of investment. That data lives inside AI Gateway by default, not as a future analytics build.

Six industries, six tenants. Workers for Platforms = the boundary.

Aerospace, Automotive, Healthcare, Telecom, Consumer Electronics, and Industrial customers all want the same six products — but with different regulatory rules, different risk scoring weights, different alert thresholds, and (increasingly) different data-residency requirements. That's not a feature flag. That's an isolation boundary.

Per-industry tenancy, sketched

Each industry gets its own Worker namespace inside Workers for Platforms. Same edge, same observability, completely isolated AI budget, alert routing, and data residency.
✈️
Aerospace & Defense
🚗
Automotive
🏥
Healthcare & Medical
📱
Telecom
📺
Consumer Electronics
🏭
Industrial
Shared control plane — Workers for Platforms + AI Gateway + Vectorize
one runtime · one observability surface · cross-tenant isolation enforced by infrastructure

What's running where today, and where the developer platform fits.

Everything here is sourced from public DNS records and HTTP response headers on z2data.com. The first row is the only piece of Cloudflare in production today — the rest is the expansion footprint.

Current stack, with Cloudflare overlaid

The green row is live today. The rest is the developer platform sketch.
LAYER
WHAT Z2DATA RUNS TODAY
CLOUDFLARE FIT
EDGE / CDN
Cloudflare in front of z2data.com (cf-ray, cf-cache-status, _cfuvid cookie)
✅ Live — the foundation everything else snaps onto
MARKETING SITE
Webflow (x-wf-region: us-east-1, cdn.webflow.com CNAME)
No change — Webflow fronts cleanly behind your existing CF zone
APP + API PLANE
Co-located hosting on 66.160.173.x (login / api / app subdomains)
+ Workers in front for caching, rate-limiting, edge logic
DNS
GoDaddy (ns23 / ns24.domaincontrol.com)
+ Cloudflare DNS for unified observability + faster propagation
COMPONENT CORPUS
1B+ components, deep MPN/AVL data, lifecycle, forecasts
+ Vectorize for semantic similarity + D1 for relational lookup
PCN + DOCUMENT STORE
10K+ PCNs, FMDs, COCs, regulatory documents
+ R2 (zero egress) as the document corpus; Workers AI for OCR
LIVE EVENTS + NEWS FEED
Real-time market alerts & event monitoring
+ Workers AI for entity extraction; AI Gateway in front for caching
PER-CUSTOMER STATE
Watch lists, alert thresholds, custom risk scores
+ Durable Objects = persistent state per customer-watch, no DB tier
PER-INDUSTRY ISOLATION
Six industries, different regulations & alert routing
+ Workers for Platforms — per-industry namespace by construction
EMAIL
Microsoft 365 (Outlook MX), HubSpot + Pardot + ElasticEmail
+ Cloudflare Email Security as defense-in-depth (optional)
ALERT DELIVERY
Web app + email + (likely) webhooks to customer ERP/PLM
+ Queues + Workflows for durable, replayable alert pipelines
EMPLOYEE ACCESS
Likely VPN to app/api plane on 66.160.173.x
+ Zero Trust Access — identity-aware proxy, no VPN

Why move the back-end onto the same edge as the front?

Three reasons make this the right quarter to start the conversation. One: the AI workload inside Z2Data is already large and growing — PCN OCR, supplier summarization, news entity extraction, regulatory text classification. Every one of those calls is a candidate for AI Gateway's cache + observability + cost attribution.

Two: the customer mix is industry-segmented in a way that maps cleanly to Workers for Platforms. Aerospace + Defense customers have different data-residency and audit requirements than Consumer Electronics. Per-industry isolation is increasingly an enterprise procurement ask, not a future feature.

Three: the foundation is already there. Cloudflare is already in front of z2data.com today. There's no procurement event to start, no security review to begin from zero. The MSA, the SOC mapping, the support relationship — they already exist. Expanding the developer-platform footprint is a roadmap conversation, not a vendor selection.

Worth a 30-minute conversation with the team building the platform?

You already know the edge works — it's caching your homepage right now. The interesting conversation is which of these primitives is closest to your current sprint: Vectorize for component similarity, AI Gateway for the news feed pipeline, or Workers for Platforms behind the industry segments. I'd rather hear what's actually on your roadmap than guess.

Matt Holscher Calendar  → Reply by email