More than 40% of corporate fraud is now AI-driven, designed to mimic real users, bypass traditional defenses and scale at speeds that overwhelm even the best-equipped SOCs.
In 2024, nearly 90% of enterprises were targeted, and half of them lost $10 million or more.
Bots emulate human behavior and create entire emulation frameworks, synthetic identities, and behavioral spoofing to pull off account takeovers at scale while slipping past legacy firewalls, EDR tools, and siloed fraud detection systems.
Attackers weaponize AI to create bots that evade, mimic, and scale
Attackers aren’t wasting any time capitalizing on AI to weaponize bots in new ways. Last year, malicious bots comprised 24% of all internet traffic, with 49% classified as ‘advanced bots’ designed to mimic human behavior and execute complex interactions, including account takeovers (ATO).
Over 60% of account takeover (ATO) attempts in 2024 were initiated by bots, capable of breaching a victim’s credentials in real time using emulation frameworks that mimic human behavior. Attackers’ tradecraft now reflects the ability to combine weaponized AI and behavioral attack techniques into a single bot strategy.
That’s proving to be a lethal combination for many enterprises already battling malicious bots whose intrusion attempts often aren’t captured by existing apps and tools in security operations centers (SOCs).
Malicious bot attacks force SOC teams into firefighting mode with little or no warning, depending on the legacy of their security tech stack.
“Once amassed by a threat actor, they can be weaponized,” Ken Dunham, director of the threat research unit at Qualys, recently said. “Bots have incredible resources and capabilities to perform anonymous, distributed, asynchronous attacks against targets of choice, such as brute force credential attacks, distributed denial of service attacks, vulnerability scans, attempted exploitation and more.”
From fan frenzy to fraud surface: bots corner the market for Taylor Swift tickets
Bots are the digital version of attackers who can scale to tens of millions of attempts per second to attack a targeted enterprise and, increasingly, high-profile events, including concerts of well-known entertainers such as Taylor Swift.
DataDome observes that the worldwide popularity of Taylor Swift’s concerts creates the ROI attackers are looking for to build ticket bots that automate what scalpers do at scale. Ticket bots, as DataDome calls them, scoop up huge quantities of tickets for the world’s most popular events and then resell them at significant markups.
The bots flooded Ticketmaster and were a significant part of a surge of 3.5 billion requests that hit the ticket site, causing it to crash repeatedly. Thousands of fans were unable to access the presale group, and ultimately the general ticket sale had to be canceled.
Swarms of weaponized bots froze tens of thousands of Swifties out of attending her last Eras concert tour. VentureBeat has learned of similar attacks on the world’s leading brands, on their online stores and presence globally. Dealing with bot attacks at that scale, powered by weaponized AI, is beyond the scope of an e-commerce tech stack, which is not built to deal with that level of security threat.
“It’s not just about blocking bots—it’s about restoring fairness,” Benjamin Fabre, CEO of DataDome, told VentureBeat in a recent interview. The company helped deflect similar scalping attacks in milliseconds, distinguishing fans from fraud using multi-modal AI and real-time session analysis.
Bot attacks weaponized with AI often start by targeting login and session flows, bypassing endpoints in an attempt not to be detected by standard web application firewalls (WAF) and endpoint detection and response (EDR) tools. Such sophisticated attacks need to be tracked and contained in a business’s core security infrastructure, managed from its SOC.
Why SOC teams are now on the front line
Weaponized bots are now a key part of any attacker’s arsenal, capable of scaling beyond what fraud teams alone can contain during an attack. Bots have proven lethal, taking down enterprises’ e-commerce operations or, in the case of Ticketmaster, a best-selling concert tour worth billions in revenue.
As a result, more enterprises are bolstering the tech stacks supporting their SOCs with online fraud detection (OFD) platforms. Gartner’s Dan Ayoub recently wrote in the firm’s research note Emerging Tech Impact Radar: Online Fraud Detection that “organizations are increasingly waking up to the understanding that ‘fraud is a security problem’ as is becoming evident in adoption of some of the emerging technologies being leveraged today”.
Gartner’s research and VentureBeat’s interviews with CISOs confirm that today’s malicious bot attacks are too fast, stealthy and capable of reconfiguring themselves on the fly for siloed fraud tools to handle. Weaponized bots have long been able to exploit gaps between WAFs, EDR tools and fraud scoring engines, while also evading the static rules that are so prevalent in legacy fraud detection systems.
All these factors and more are why CISOs are bringing fraud telemetry into the SOC.
Journey-Time Orchestration is the next wave of online fraud detection (OFD)
AI-enabled bots are constantly learning how to bypass long-standing fraud detection platforms that rely on sporadic or single point-in-time checks. These checks include login validations, monitoring of transaction scoring over time, and a series of challenge-responses. While these were effective before the widespread weaponization of bots, botnets and networks, AI-literate adversaries now know how to exploit context switching and, as many deepfake attacks have proven, know how to excel at behavioral mimicry.
Gartner’s research points to Journey-Time Orchestration (JTO) as the defining architecture for the next wave of OFD platforms that can help SOCs better contain the onslaught of AI-driven bot attacks. Core to JTO is embedding fraud defenses throughout each digital session being monitored and scoring risk continuously from login to checkout to post-transaction behavior.
Journey-Time Orchestration continuously scores risk across the entire user session, from login to post-transaction, to detect AI-driven bots. It replaces single-point fraud checks with real-time, session-wide monitoring to counter behavioral mimicry and context-switching attacks. Source: Gartner, Innovation Insight: IAM Journey-Time Orchestration, Feb. 2025
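The contrast drawn above between single point-in-time checks and session-wide scoring, as an added example that is not code from Gartner, VentureBeat or any vendor named in this article. The signal names, weights, decay factor and thresholds are all constructed assumptions.

```python
from dataclasses import dataclass

# All signal names, weights and thresholds below are constructed assumptions.
WEIGHTS = {"new_device": 0.15, "fast_input": 0.25, "ip_changed": 0.20}
SENSITIVITY = {"login": 1.0, "profile_edit": 1.5,
               "credential_reset": 2.0, "checkout": 2.0}
DECAY = 0.8          # how much earlier evidence carries into the next step
CHALLENGE_AT = 0.6
BLOCK_AT = 1.0


@dataclass(frozen=True)
class Event:
    step: str
    signals: tuple


def event_risk(event):
    """Risk of one event on its own: summed signal weights x step sensitivity."""
    return sum(WEIGHTS[s] for s in event.signals) * SENSITIVITY[event.step]


def decide(score):
    if score >= BLOCK_AT:
        return "block"
    return "challenge" if score >= CHALLENGE_AT else "allow"


def isolated_checks(events):
    """Point-in-time model: every step is judged with no memory of the session."""
    return [decide(event_risk(e)) for e in events]


def journey_scores(events):
    """Session-wide model: a decayed running score carried across steps."""
    score, trail = 0.0, []
    for e in events:
        score = score * DECAY + event_risk(e)
        trail.append((e.step, round(score, 3), decide(score)))
    return trail


# Constructed session: each step alone looks tolerable, the sequence does not.
SESSION = [
    Event("login", ("new_device",)),
    Event("profile_edit", ("fast_input",)),
    Event("credential_reset", ("ip_changed",)),
    Event("checkout", ("fast_input",)),
]

if __name__ == "__main__":
    print(isolated_checks(SESSION))
    for row in journey_scores(SESSION):
        print(row)
```

Every step passes when judged in isolation, while the running score escalates to a challenge at the credential reset and a block at checkout.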
Who’s establishing an early lead in Journey-Time Orchestration defense
DataDome, Ivanti and Telesign are three companies whose approaches show that shifting security from static checkpoints to continuous, real-time assessments is paying off. Each also shows why the future of SOCs must be predicated on real-time data to succeed. All three companies’ platforms have progressed to delivering scoring for every user interaction down to the API call, delivering greater contextual insight across every behavior on every device, within each session.
What sets these three companies apart is how they have taken on the challenges of hardening fraud prevention and automating core security functions while continually improving user experiences. Each combines these strengths on real-time platforms that are also AI-driven and continually learn, two core requirements for keeping up with weaponized AI arsenals that include botnets.
DataDome: Thinking Like an Attacker in Real Time
DataDome, a category leader in real-time bot defense, has extensive expertise in AI-intensive behavioral modeling and relies on a platform that includes over 85,000 machine learning models delivered concurrently across 30+ global PoPs. Its global reach allows it to inspect more than 5 trillion data points daily. Every web, mobile and API request that the platform can identify is scored in real time (typically within 2 milliseconds) using multi-modal AI that correlates device fingerprinting, IP entropy, browser header consistency and behavior biometrics.
“Our philosophy is to think like an attacker,” Fabre told VentureBeat. “That means analyzing every request anew—without assuming trust—and continuously retraining our detection models to adapt to zero-day tactics”.
Unlike legacy systems, which lean on static heuristics or CAPTCHAs, DataDome’s approach minimizes friction for verified, legitimate users. Its false-positive rate is below 0.01%, meaning fewer than 1 in 10,000 human visitors see a challenge screen. Even when challenged, the platform invisibly continues behavior analysis to verify the user’s legitimacy.
“Bots aren’t just solving CAPTCHAs now—they’re solving them faster than humans,” Fabre added. “That’s why we moved away from static challenges entirely. AI is the only way to beat AI-driven fraud at scale”.
Case in point: DataDome has proven capable of distinguishing between bots and fans in milliseconds, stopping bulk buyouts and preserving ticket equity during peak loads, all in real time. In luxury retail, brands like Hermès deploy DataDome to protect high-demand drops (e.g., Birkin bags) from automated hoarding.
Ivanti Extends Zero Trust and exposure management into the SOC
Ivanti is redefining exposure management by integrating real-time fraud signals directly into SOC workflows through its Ivanti Neurons for Zero Trust Access and Ivanti Neurons for Patch Management platforms. “Zero trust doesn’t stop at logins,” Mike Riemer, Ivanti Field CISO, told VentureBeat during a recent interview. “We’ve extended it to session behaviors including credential resets, payment submissions, and profile edits are all potential exploit paths.”
Ivanti Neurons continuously evaluates device posture and identity behavior, flagging anomalous activity and enforcing least-privilege access mid-session. “2025 will mark a turning point,” added Daren Goeson, SVP of product management at Ivanti. “Now defenders can use GenAI to correlate behavior across sessions and predict threats faster than any human team ever could.”
As attack surfaces expand, Ivanti’s platform helps SOC teams detect SIM swaps, mitigate lateral movement and automate dynamic microsegmentation. “What we currently call ‘patch management’ should more aptly be named exposure management or how long is your organization willing to be exposed to a specific vulnerability?” Chris Goettl, VP of product management for endpoint security at Ivanti, told VentureBeat. “Risk-based algorithms help teams identify high-risk threats amid the noise of numerous updates.”
“Organizations should transition from reactive vulnerability management to a proactive exposure management approach,” added Goeson. “By adopting a continuous approach, they can effectively protect their digital infrastructure from modern cyber risks.”
Telesign’s AI-driven identity intelligence pushes fraud detection to session scale
Telesign is redefining digital trust by bringing identity intelligence at session scale to the front lines of fraud detection. By analyzing more than 2,200 digital identity signals ranging from phone number metadata to device hygiene and IP reputation, Telesign’s APIs deliver real-time risk scores that catch bots and synthetic identities before damage is done.
“AI is the best defense against AI-enabled fraud attacks,” said Telesign CEO Christophe Van de Weyer in a recent interview with VentureBeat. “At Telesign, we are committed to leveraging AI and ML technologies to combat digital fraud, ensuring a more secure and trustworthy digital environment for all.”
Rather than relying on static checkpoints at login or checkout, Telesign’s dynamic risk scoring continuously evaluates behavior throughout the session. “Machine learning has the power to constantly learn how fraudsters behave,” Van de Weyer told VentureBeat. “It can study typical user behaviors to create baselines and build risk models.”
Telesign’s Verify API underscores its omnichannel strategy, enabling identity verification across SMS, email, WhatsApp, and more, all through a single API. “Verifying customers is so important because many kinds of fraud can often be stopped at the ‘front door,’” Van de Weyer noted in a recent VentureBeat interview.
As generative AI accelerates attacker sophistication, Van de Weyer issued a clear call to action: “The emergence of AI has brought the importance of trust in the digital world to the forefront. Businesses that prioritize trust will emerge as leaders in the digital economy.” With AI as its backbone, Telesign looks to turn trust into a competitive advantage.
Why fraud prevention’s future belongs in the SOC
For fraud protection to scale, it must be integrated into the broader security infrastructure stack and owned by the SOC teams who use it to avert potential attacks. Online fraud detection platforms and apps are proving just as important as APIs, Identity and Access Management (IAM), EDRs, SIEMs and XDRs. VentureBeat is seeing more security teams in SOCs take greater ownership of validating how consumer transactions are modeled, scored and challenged.