A ‘fight AI with AI’ security approach is needed to combat cyberattacks – Radware

As high-volume, AI-driven bot attacks overload application infrastructures, standard security solutions that leverage pre-set signatures, CAPTCHAs, and rate limiting defenses will no longer suffice.

Radware’s is solving for this challenge with its newly launched AI-powered Radware Bot Manager.

“Generative AI tools are being used by hackers to create and debug never-before-seen scripts in minutes and then launch bot attacks that mimic legitimate human traffic to evade detection,” said Gabi Malka, Radware’s chief operating officer in an official press release.

Today’s bot attacks are more sophisticated, more persistent and more aggressive than ever before.

According to Radware’s data, the last two years saw a 138% growth in bad bots detected and mitigated, with nearly 85% of businesses experiencing bot attacks every month at least.

A good bot manager effectively detects and mitigates bad bots without disrupting the user experience.

“To keep up with AI-driven threats, you need AI-powered protection,” said Pascal Geenens, Director of Threat Intelligence at Radware.

“This is particularly important in the case of government organisations, which continue to be high value targets.

They attract malicious actors because of the lucrative and sensitive data they store, the widespread disruption and publicity they generate when breached, and the tactical advantage they serve in hybrid warfare.”

How AI enables a proactive, comprehensive approach to protection

To effectively defend against increasingly sophisticated attacks and enhance the end user experience, the latest edition of the Bot Manager takes a three-pronged approach to protection:

First, it preemptively blocks unwanted IPs and identities. Radware’s proprietary technology automatically prevents noise and bad bot traffic from reaching applications.

Radware’s technology taps on an AI-based Correlation Engine, iOS and Android device attestation for native mobile apps, and new advanced behind-the-scenes identity challenges for web applications.

Radware’s AI-based Correlation Engine automatically cross-correlates events between Bot Manager, the web application firewall (WAF) and API protection modules and blocks malicious sources across applications within an account in real-time.

Second, Bot Manager uses AI- and intent-based detection algorithms to detect zero-day bot scripts, human-like bots, and sophisticated distributed attacks.

New features enable it to automatically and accurately detect IP Rotators, HTTP Header Anomalies, CAPTCHA Farms, and Distributed Traffic Anomalies.

Third, Bot Manager offers a wide array of advanced mitigation techniques. Some of these include CAPTCHA-less crypto challenges based on blockchain technology, and new AI-based, real-time signature generation for accurate protection.

Getting ahead of bad actors in the AI race

Gen AI providers have recognized the importance of putting guardrails in place to prevent their models from being abused for nefarious purposes.

According to Radware’s 2024 Global Threat Analysis Report, as AI prompt hacking emerged as a new threat, it forced providers to continuously improve their guardrails.

The advent of Gen AI has also accelerated learning and research by threat actors. With the help of AI, less-skilled threat actors can become much more proficient and create more sophisticated attacks more quickly.

Advanced threat actors benefit from generative AI, too. The technology makes it easier for them to increase their productivity and discover vulnerabilities in open-source software and in an application’s code and infrastructure.

This can potentially result in a rapid increase of zero-day exploits appearing in the wild, stated the report.

From content scraping, data theft and stolen credentials, to account take overs and fraud, bad bots are among the most pervasive cyberthreats.  Left unchecked they come with costs, including customer churn, low conversion rates, fines, and lost revenues—an expensive proposition for any organisation.

Ready to fight AI with AI? Learn how Radware Bot Manager's multi-layer approach to protection can keep your website, apps, and APIs safe. Please complete your details access the document: