Smarter Protection, Less Friction: A Look at Our Latest DataDome Product Updates

This quarter, we focused on making DataDome Bot Protect faster, smarter, and easier to work with. That meant sharper detection to stop bots in their tracks, more flexibility for security teams, and a smoother experience for real users. From a brand-new bot category for LLMs to powerful configuration tools and CAPTCHA updates that reduce friction, every update is designed to help our customers stay ahead of threats—without adding complexity.

New bot category: LLM Models and Applications

One of the most notable additions this quarter is the launch of the LLM Models and Applications bot category. As AI-driven bots—like LLM crawlers and autonomous agents—become more prevalent across the web, customers need better tools to understand and manage this emerging layer of traffic. This new feature delivers just that: clearer visibility into AI bot activity, grouped under a dedicated category that makes it easier to monitor and take action.

• Benefit: You can now instantly identify and track AI bot traffic in real-time, understand who’s accessing your content, how often, and from where. This empowers businesses to better control AI-powered traffic as it becomes a bigger part of the digital landscape.

Sharper detection that adapts in real time

Bots are evolving fast, and we’re responding even faster. This quarter, we improved how Bot Protect reads and reacts to user behavior—making it even harder for automated tools to slip through.

• We expanded our detection models with new session-level and behavioral signals. Our threat research team introduced a system to analyze user navigation patterns based on simplified URLs.
  • Benefit: Instead of treating every URL as unique, we now group pages into logical clusters (like /products/*) and track behavior across them. This allows us to catch bots acting out of step with typical user journeys, such as skipping product pages and jumping straight to checkout.
• Advanced CAPTCHA Protection continues to evolve with more precise models that detect synthetic mouse movements.
  • Benefit: We can now identify these subtle signals—often used by automation tools to mimic human behavior—more precisely in real-time, making CAPTCHA challenges even more efficient.
• Expanded Proxy Detection leverages additional network signals to improve the identification of suspicious traffic patterns.
  • Benefit: This makes it easier to distinguish genuine users from bots trying to obscure their sources.

More power in your hands

This quarter, we’ve also empowered security and operations teams with new tools to configure and scale protection on their own terms. Here’s how:

• Traffic Filters with Lucene Queries: Teams now have the ability to define endpoints with greater precision, leveraging Lucene queries across multiple fingerprint fields (e.g., HTTP method, GraphQL operation type).
  • Benefit: This makes your protection more customizable and accurate, ensuring that no malicious traffic slips through the cracks.

• Endpoint Management via Terraform: For teams working with Infrastructure as Code, we now offer endpoint management through Terraform.
  • Benefit: This simplifies rolling out consistent protection across environments using existing DevOps workflows, making security deployment and scaling easier.
• CIDR IP Exclusion in Cloudflare Workers: Now you can manage access control at scale with CIDR IP exclusion support.
  • Benefit: You gain greater accuracy in blocking or bypassing entire IP ranges, streamlining threat mitigation, and filtering at a large scale.
• Search History on the Explore Page: Building on the capability to save dashboards (released late last year), the Explore page now includes a search history feature, allowing users to quickly revisit past searches.
  • Benefit: This feature improves efficiency and saves time, helping teams stay on top of their analysis without needing to start from scratch each time.

Polishing the user experience

We believe the small things matter—especially when they affect user trust. That’s why we’ve refined both the messaging and mechanics of our CAPTCHA and block pages to make the experience even more seamless for legitimate users.

What’s new and why it matters:

• Clearer, more transparent messaging:
  We rewrote the language on CAPTCHA and block pages to help users quickly understand what’s happening and how to regain access—if they ever encounter them (which is rare).
• Fewer CAPTCHA interruptions:
  CAPTCHA prompts are now even less frequent, thanks to enhancements in Device Check. By analyzing:
  • Device fingerprinting
  • Behavioral signals (like mouse movement and typing patterns)
  • Real-time threat intelligence

One customer saw an 83% drop in CAPTCHA prompts after turning this feature on.

• Expanded accessibility: Our CAPTCHA, already WCAG 2.2 certified and equipped with an audio challenge for users with visual, auditory, or cognitive impairments, now supports 100+ languages—making it more intuitive and inclusive for users around the world.

Every update this quarter was focused on helping you stay ahead of threats without slowing down your team or your users. Whether through stronger detection, smoother integrations, or a better user experience, Bot Protect continues to evolve—quietly, powerfully, and without compromise. Curious how it all comes together? Request a demo to see Bot Protect in action.