Case Study
AI Traffic Analysis to Counter Distributed Scraping and Abuse
Built an AI-assisted network analysis capability to detect malicious intent in CDN/WAF traffic and automate dynamic blocking using IP, JA3, and ASN signals.
Security, WAF, CDN, AI, Threat Analysis, Automation
Challenge
The client was targeted by sophisticated scraping activity across APIs and website endpoints. Adversaries rotated through thousands of IPs across hundreds of providers and used headless browser automation with evolving tool combinations, making static defenses ineffective.
Approach
- Developed an AI network analysis tool with user-selectable LLM backends (e.g., Opus 4.5, Sonnet 4.6).
- Ingested and analyzed CDN and WAF logs to identify behavioral patterns and attacker intent.
- Correlated signals across IP, JA3 fingerprint, and ASN dimensions.
- Automated dynamic traffic blocking based on multi-signal confidence rather than a rigid ruleset.
- Enabled faster analyst feedback loops for rule tuning and defensive adaptation.
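The correlation and confidence-based decision described in the list above can be illustrated with a short added example; it is not the tool built for the client. It substitutes a fixed heuristic for the LLM-driven analysis, and the log field names, caps, thresholds and sample records are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

def make_sample_logs():
    """Constructed CDN/WAF records (not real traffic); field names are assumed."""
    logs = []
    # Distributed scraper: one TLS fingerprint, 40 IPs over 8 ASNs, only 3 requests
    # per IP, so a per-IP rate limit never fires.
    for i in range(40):
        logs += [{"ip": f"198.51.100.{i}", "asn": 64500 + i % 8,
                  "ja3": "ja3-sample-a", "path": "/api/products"}] * 3
    # Ordinary visitors: a common browser fingerprint is also spread over many
    # IPs and ASNs, but the requests are not concentrated on one endpoint.
    for i in range(30):
        for path in ("/", "/about", "/api/products"):
            logs.append({"ip": f"203.0.113.{i}", "asn": 64600 + i % 10,
                         "ja3": "ja3-sample-b", "path": path})
    # Smaller cluster: 12 IPs over 3 ASNs, all on one endpoint.
    for i in range(12):
        logs += [{"ip": f"192.0.2.{i}", "asn": 64700 + i % 3,
                  "ja3": "ja3-sample-c", "path": "/api/prices"}] * 2
    return logs

def score_fingerprints(logs, ip_cap=25, asn_cap=5):
    """Return {ja3: confidence in [0, 1]} from IP spread, ASN spread and path focus."""
    groups = defaultdict(list)
    for rec in logs:
        groups[rec["ja3"]].append(rec)
    scores = {}
    for ja3, recs in groups.items():
        ips = {r["ip"] for r in recs}
        asns = {r["asn"] for r in recs}
        top_path_hits = Counter(r["path"] for r in recs).most_common(1)[0][1]
        # Spread: how widely one fingerprint is distributed across IPs and ASNs.
        spread = (min(len(ips) / ip_cap, 1.0) + min(len(asns) / asn_cap, 1.0)) / 2
        # Focus: share of the fingerprint's requests that hit its single top path.
        focus = top_path_hits / len(recs)
        scores[ja3] = round(spread * focus, 2)
    return scores

def decide(score, block_at=0.8, challenge_at=0.5):
    """Map confidence to an action; thresholds are illustrative assumptions."""
    if score >= block_at:
        return "block"
    return "challenge" if score >= challenge_at else "allow"

def analyze(logs):
    return {ja3: decide(s) for ja3, s in score_fingerprints(logs).items()}

if __name__ == "__main__":
    for ja3, action in sorted(analyze(make_sample_logs()).items()):
        print(ja3, action)
```

Multiplying spread by focus keeps a widely shared browser fingerprint from being blocked on distribution alone, which is the false positive a single-signal rule would produce.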
Outcomes
- Improved detection quality for distributed, evasive scraping campaigns.
- Reduced successful abusive traffic through adaptive, behavior-aware controls.
- Shortened response time from manual triage to automated defensive action.