The solution: AI-powered protection that adapts in real time
Hackers are no longer content with launching brute force campaigns; they adapt their behavior and tactics in real time.
“If ten years ago we saw thousands of IPs, now it’s millions,” says Dan. “Attackers rotate IPs and change user-agent strings constantly. The protocol is stateless, and they use that to their advantage. Every request can look different.”
At this level of sophistication, traditional bot detection, which asks “Is this traffic human or automated?” begins to show its limitations. That’s when Dan and his team realized the real question wasn’t who was behind the traffic, but what they were trying to do.
Focusing on intent, not just identity, meant looking beyond static rules and signatures. It meant understanding behavior in context: Does this session resemble account validation? Is this login attempt part of a larger credential stuffing pattern? Does this cart activity signal abuse or legitimate interest?
DataDome’s real-time, AI-driven detection engine played a key role in answering those important questions. By analyzing traffic at the edge based on behavior and intent, Dan could make smarter, earlier decisions before threats reached sensitive endpoints.
“When you clean the top of the funnel, every downstream layer gets smarter. They’re seeing clearer traffic and can better distinguish between legitimate and abusive behavior,” Dan says. “That improves our visibility, helps our models learn faster, and reduces friction for real users.”
One of the strengths of DataDome is its ability to probe intent silently by sending background browser challenges from Device Check and assessing how sophisticated the actor is. “We can do that without introducing new friction, and that is a real advantage,” Dan adds.
