Terret ingests 300K+ calls, runs continuous LLM inference, deploys agentic playbooks to 500+ reps in real time, and syncs state back to Salesforce — all while processing some of the most sensitive commercial intelligence your customers own. That's a serious infrastructure problem. This brief maps each layer of Terret's platform to the Cloudflare product that solves it.
Platform Analysis
Before mapping solutions, it's worth naming the infrastructure demands Terret's architecture creates. The Nexus platform isn't a simple SaaS app — it's a real-time data pipeline with continuous LLM inference and agentic execution at the edge of enterprise networks.
Nexus runs LLM inference continuously — analyzing call transcripts, building playbooks, generating per-rep briefs, and answering natural language revenue questions against live deal data. At 312K+ calls per quarter with multiple inference passes per call, this is high-volume, latency-sensitive AI workload.
Terret doesn't just analyze — it deploys. Playbooks push to 542 reps across 3,140 active deals simultaneously. Briefs deliver via Slack 30 minutes before each call. CRM records update automatically. Sequence emails queue. This requires durable, stateful execution that can fan out to thousands of per-deal workflows without a dropped message.
The Revenue Graph ingests structured CRM data (Salesforce, HubSpot), unstructured call recordings, email threads, and product usage signals. Raw audio and transcripts from 312K+ calls represent significant object storage — with $0 egress being critical when those assets feed back into the LLM pipeline repeatedly.
Terret processes confidential sales intelligence — unreleased deal terms, competitive positioning, customer financials, rep performance data. Enterprise customers like Carta and Grafana Labs passed Terret through rigorous infosec reviews. The infrastructure needs to match: Zero Trust access to internal tooling, WAF protection for the API surface, and DDoS resilience for the real-time delivery layer.
Terret has two distinct surface areas: an externally-facing SaaS app that processes enterprise deal intelligence (attack target) and a 30-minute brief delivery SLA to 500+ reps globally (performance requirement). These need separate but complementary infrastructure answers — WAF/Bot Management for the attack surface, CDN + Argo for the delivery SLA.
Solution Mapping
Every infrastructure demand Terret's platform creates, mapped to the Cloudflare product that addresses it — with the specific mechanism of value for each.
Terret's core competitive advantage is the intelligence layer — but running LLM inference at 312K+ calls/quarter against multiple models (for analysis, playbook generation, brief writing, and the live Nexus Q&A interface) creates three concrete problems: cost at scale, latency consistency, and reliability when a model provider degrades.
AI Gateway sits as a managed proxy in front of every model call — OpenAI, Anthropic, any provider Terret uses. It adds zero meaningful latency (runs at Cloudflare's edge, co-located with Terret's compute) while giving Amit's team full observability into token spend, request volume, error rates, and cache hit ratios across every LLM call in the platform.
Call analysis questions like "what objections came up?" repeat across similar calls. AI Gateway caches semantically similar prompts — Terret pays for inference once, not N times per pattern. Directly cuts inference cost at Terret's call volume.
When GPT-4o has an outage at 8:55 AM on a Monday (pre-call brief delivery window), AI Gateway automatically routes to Claude or another provider — Terret's 30-minute brief SLA survives a provider incident.
Per-request logs with model, token count, latency, cost, and cache hit/miss. Amit can answer "what did our LLM infrastructure cost this quarter per customer" — a question most AI companies can't answer today.
Enterprise customers with large rep pools can inadvertently spike inference costs. AI Gateway enforces per-customer rate limits without code changes to Terret's application layer.
When Nexus deploys a playbook to 542 reps across 3,140 active deals, that's a fan-out of thousands of per-deal state machines that need to run reliably, update CRM records, queue Slack messages, and fire pre-call briefs on a precise schedule. This is exactly what Workers + Durable Objects were built for.
Terret's Revenue Graph is built on data — call recordings, transcripts, CRM snapshots, voice-of-customer quotes, and playbook artifacts. At 312K+ calls per quarter, the raw audio and transcript storage alone is multi-terabyte. Every time that data feeds back into an LLM pipeline, S3 egress charges compound.
Terret's CTO (Amit) published research on Role-Based Access Control policy analysis and anomaly detection — he has a deep personal background in security. The platform holds confidential deal intelligence for Carta, Grafana Labs, and Cloudflare itself. The CRO at Carta explicitly called out infosec in his testimonial: "we put Terret through the paces on the infosec front, and they passed with flying colors."
For lower-stakes inference tasks — call transcript classification, entity extraction (extracting competitor names, objection categories, deal stage signals from transcripts), and embedding generation for semantic search across the Revenue Graph — Workers AI offers serverless GPU inference with pay-per-token pricing and no cold starts.
Terret's attack surface is meaningful: app.boostup.ai is a public-facing SaaS app that processes enterprise deal intelligence, and the Nexus Q&A interface accepts natural language queries against live customer revenue data. The REST API ingests CRM webhooks from Salesforce, HubSpot, and other revenue tooling — all of which are high-value targets for credential stuffing, scrapers, and application-layer abuse.
Cloudflare's application security stack sits in front of all of this at the network edge — before traffic ever reaches Terret's origin — with no performance penalty to legitimate users.
Cloudflare's managed ruleset (OWASP + Cloudflare's own threat intelligence) blocks SQLi, XSS, and CSRF out of the box. Custom rules can protect Terret-specific API paths — for example, blocking access to /api/deals/* without a valid session token at the edge, before it hits the origin.
Terret's Nexus UI contains competitively sensitive information — rep performance data, win/loss patterns, deal intelligence. Bot Management uses ML-based fingerprinting to block scrapers and headless browsers that probe the application, while passing legitimate enterprise users without friction (no CAPTCHAs on authenticated sessions).
Terret's inbound webhook surface (Salesforce → Terret, HubSpot → Terret, Slack → Terret) is an API that accepts untrusted external events. API Shield validates that inbound requests match the expected schema, enforces mTLS for webhook sources, and rate-limits per-integration endpoint — preventing malformed payloads from reaching Terret's pipeline.
Terret's value to customers is highest during active sales cycles — QBR season, quarter-end pushes. These are also the moments when a coordinated attack against app.boostup.ai would be most damaging. Cloudflare's unmetered DDoS protection (L3/L4 and L7) absorbs volumetric attacks automatically with no bandwidth overage charges.
Login endpoint abuse targeting enterprise rep accounts — blocked by Bot Management's ML fingerprinting before reaching Terret's auth layer.
Automated scrapers probing the Nexus interface for win rates, rep performance, and deal patterns — blocked by Bot Management without disrupting authenticated user sessions.
Malformed or high-volume webhook payloads from compromised integration sources — rate-limited and schema-validated by API Shield at the edge.
Terret's platform has a hard real-time delivery requirement: pre-call briefs reach 500+ reps 30 minutes before each meeting. That delivery window is simultaneously the highest-traffic moment (everyone opens their brief at the same time) and the highest-stakes moment (a slow or failed delivery directly impacts a rep's call prep). The CDN layer is the infrastructure that makes this SLA survivable under load.
Cloudflare's CDN runs across 330+ cities on an anycast network — meaning a rep in London, Chicago, and Singapore all hit a local PoP, not a single US-east origin. Response times for cached brief assets drop from 300–600ms (cross-continental origin) to under 30ms (local PoP).
Brief PDFs, playbook documents, and training decks generated by Nexus are identical for many recipients. Cloudflare's tiered cache serves these assets from edge PoPs without hitting Terret's origin — absorbing the simultaneous brief-open spike that happens every morning across enterprise accounts.
For uncacheable, real-time Nexus API calls (deal state queries, live forecast updates), Argo routes requests over Cloudflare's private backbone rather than the public internet — reducing latency by 30–40% on average for API traffic that can't be cached.
app.boostup.ai's React/Next.js frontend deployed on Cloudflare Pages: git-push deploys with instant global distribution, per-PR preview environments, and automatic cache invalidation on new deploys. Zero origin scaling required for the static asset layer.
Cloudflare's cache analytics show cache hit ratios per asset type, origin response times, and bandwidth saved. Terret can instrument real user performance metrics via Cloudflare's RUM to baseline brief delivery latency per geographic market and per enterprise customer.
Quick Reference
| Terret Requirement | Cloudflare Product | Specific Value | Priority |
|---|---|---|---|
| LLM inference cost, reliability, observability | AI Gateway | Semantic caching, model fallback, per-request cost logs, rate limiting | Highest |
| Agentic playbook execution at scale | Workers Durable Objects Workflows | Per-deal stateful agents, durable retryable pipelines, sub-50ms API responses | High |
| Call archive + Revenue Graph storage | R2 D1 | $0 egress on multi-TB call archive, serverless SQL for deal graph queries | High |
| Internal access control, infosec posture | Zero Trust Tunnel WAF | No VPN, device posture, no exposed IPs, API surface protection | High |
| High-volume transcript classification + embedding | Workers AI Vectorize | Serverless GPU inference for open-source models, vector search over Revenue Graph | Consider |
| API surface, login endpoint, scraper & DDoS protection | WAF Bot Mgmt API Shield DDoS | Managed ruleset, ML bot fingerprinting, API schema validation, unmetered L7 DDoS | High |
| Brief delivery SLA, global performance, frontend resilience | CDN Argo Pages | <30ms brief delivery from local PoP, Argo smart routing on API calls, spike absorption | High |
Cloudflare's sales team uses Terret Nexus to run pipeline analysis, generate rep briefs, and forecast revenue. That means Terret's platform is processing Cloudflare's deal data — and Cloudflare is one of the logos on your homepage. The conversation we're proposing is: let's also power the infrastructure that makes Terret Nexus run.