News

AI Bot Traffic: Which Automated Agents Should You Trust?

News | 06.07.2026

The era of generative artificial intelligence (GenAI) has fundamentally transformed the structure of the global web. According to threat research data, automated traffic from AI agents is growing exponentially, and today the classic cybersecurity strategy of "allow all" or "block all" no longer works. Webmasters and Chief Information Security Officers (CISOs) face a dilemma: if they block all automated requests, the company will disappear from the responses of smart search engines like ChatGPT or Perplexity. If they allow them, the infrastructure will collapse under the weight of aggressive AI scrapers.

The right approach lies in the precise classification of each AI bot, defining legitimate access zones, and continuous inspection of every request for malicious activity. To build an effective management policy, it is essential to understand in detail what types of AI bots we are dealing with.

AI bot classification: who is visiting your site

Modern robots utilizing artificial intelligence technologies differ significantly in their goals and behavioral strategies. Experts divide them into three key groups.

1. AI Search Bots

  • Goal: Crawling publicly available website pages so that new AI search engines and answer systems understand what content exists on the web.
  • Business impact: Help the company stay visible when users ask AI assistants questions like "Which solution is best for...?" or "Which vendor supports...?".
  • Access recommendation: It is recommended to allow their activity on public marketing pages, blogs, documentation sections, and product pages — everywhere where organic promotion is important.

2. AI Training Bots

  • Goal: Gathering open web content for training, fine-tuning, or improving foundational Large Language Models (LLMs).
  • Business impact: This is a high-risk zone. These agents absorb your intellectual property without providing any direct benefit in return, such as traffic to the site.
  • Access recommendation: Require a stricter control policy. Access to sensitive commercial data or restricted analytics must be limited for them.

3. AI Fetch Bots

  • Goal: Acting instantaneously in response to a direct request from a specific user. For example, when a person asks an AI assistant to summarize the contents of a specific URL or compare prices.
  • Business impact: Useful for the end customer, but can be exploited by attackers to bypass restrictions and perform real-time scraping.
  • Access recommendation: Allowed to operate only under the condition of full security verification and strict rate limiting.

Statistics from the Thales threat research center show that legitimate AI bots currently account for about 2% of total session traffic. At the same time, within the AI traffic segment itself, 85% is attributed to classic crawlers (scanners) and 15% to operational fetch bots.

The good news is that traditional attacks on applications by official AI bots remain at a relatively low level. Attempts at SQL injection, cross-site scripting (XSS), or exploiting backdoors are rarely recorded.

However, the main danger lies in the aggressiveness of the scanning. AI scrapers often ignore standard robots.txt file directives, send thousands of requests per second, cause critical server latency, and steal proprietary information. Furthermore, hacking tools that perform User-Agent spoofing often hide under the guise of legitimate AI agents.

How to bring automation under control

Traditional security tools (WAF) are unable to distinguish a good AI bot from a bad one because both perform technically legitimate HTTP requests. To solve this problem, Thales has developed specialized mechanisms for deep behavioral analysis.

Instead of spending hundreds of hours manually writing rules for each new bot, the modern approach requires automated, intelligent management at the category, endpoint, and intent levels.

Key differences in security approaches

Traditional security (Static WAF)

  • Identification: Analysis based on signatures and IP addresses.
  • Reaction to AI bots: Either blocks everyone indiscriminately or allows them through completely, creating a blind spot.
  • Scraping effectiveness: Low. Unable to stop bots that utilize residential proxy rotation.

Thales (Imperva) Intelligent Automation Control

  • Identification: Behavioral analysis, device fingerprinting, and intent verification.
  • Reaction to AI bots: Granular rules. Ability to allow AI search, restrict AI training, and block malicious agents.
  • Scraping effectiveness: High. Blocks automated OWASP threats at the business logic and API levels.

Current Thales (Imperva) solutions for AI traffic management

For reliable protection of your web resources, mobile applications, and software interfaces, Thales offers a comprehensive technology stack:

  • Imperva Advanced Bot Protection (ABP): An advanced solution for detecting and mitigating the activity of sophisticated bots. It utilizes static analysis, challenge analysis (JS verification, cookies), and behavioral models. ABP classifies AI bots in real time, preventing unauthorized data scraping, account takeover, and infrastructure overload, while maintaining access for trusted search robots.
  • Imperva Cloud WAF with AI Bot Management module: A next-generation cloud firewall that is now equipped with a specialized function for classifying AI scrapers. It allows administrators to create comprehensive global LLM traffic management rules (such as ChatGPT, Claude, ByteSpider) in a single click, reducing server operational costs.
  • Imperva API Security: Given that up to 44% of advanced bot attacks have shifted from standard web interfaces directly to API endpoints, this solution provides continuous discovery of shadow APIs, classification of transmitted data, and protection of application logic against automated AI agents operating at machine speeds.

Softprom experts possess deep expertise in designing web application protection systems. Softprom — a Value Added Distributor of Thales (Imperva) — provides comprehensive technical support at the planning stage, helps deploy pilot projects within the customer's real infrastructure, and adapts security policies to individual business requirements.