For decades, companies have operated on a simple assumption that most internet traffic came from people. That assumption no longer holds. The latest 2026 Bad Bot Report: Bad Bots in the Agentic Age reinforces a shift that is now impossible to ignore. Automated traffic continues to outpace human activity online, ... Read More

AI-driven automation is no longer emerging. It is already integrated and accepted as internet traffic. From AI assistants and crawlers to enterprise automation tools, websites are now routinely accessed by non-human actors operating at scale.  Vulnerabilities or weaknesses in your application infrastructure, including risky APIs, are no longer difficult to ... Read More

Application development has changed dramatically. Enterprises now release software faster, operate more digital services, and deploy applications across a mix of public cloud, private cloud, APIs, containers, and on-premises infrastructure. As application delivery has accelerated and architectures have become more distributed, a disconnect has emerged between the teams building applications ... Read More

The holiday shopping season is the busiest time of year for online retailers, and increasingly the most dangerous. As traffic surges and customers rush to place orders, cybercriminals use the distraction and volume to blend in. Account Takeover (ATO) attacks spike sharply in November and December, targeting shoppers’ saved payment ... Read More

Every November and December, online retailers gear up for their biggest revenue surge of the year. But while the traffic and transactions climb, so does the threat level. Cybercriminals know exactly when customer activity (and the pressure on retail systems) is at its highest and they’re automating their attacks to ... Read More

When the latest PCI DSS 4.0 requirements came into full effect in March 2025, organizations processing cardholder data faced new obligations to protect payment pages from client-side risks. Requirements such as 6.4.3 (script inventory, authorization, and integrity monitoring) and 11.6.1 (detection of unauthorized changes) demanded stronger visibility and control than ... Read More

The airline industry is under constant attack from malicious bots. Bad actors use automation to scrape fares, hoard inventory, commit fraud, and compromise customer accounts. While every airline faces its own unique challenges, the business impacts are remarkably consistent—lost revenue, inflated infrastructure costs, degraded customer experience, and weakened competitive positioning ... Read More

Bad bots continue to target organizations across every industry and geography, but the rise of Artificial Intelligence (AI) is fueling bot attacks, making them more intelligent and more evasive than ever before. For over twelve years, Imperva has been dedicated to helping organizations manage and mitigate the threat of bad ... Read More

In the fast-paced world of online retail, where customer satisfaction and availability are paramount, a sudden attack by scalping bots can disrupt operations, inflate costs, and damage reputation. A North American Online Retailer faced a month-long bot attack that targeted their inventory system, exploiting vulnerabilities and causing financial losses. Here’s ... Read More

The ticketing industry is under constant threat from malicious bots, with bad actors targeting these platforms for financial gain. Bots accounted for 31.1% of all traffic to entertainment platforms in 2024, with attacks ranging from scalping and credential stuffing to carding operations. When one public museum experienced a surge in ... Read More