<ciso brief/>
Tag Banner

All news with #web bot auth tag

all tags →

Fri, November 21, 2025

AWS WAF Adds Web Bot Auth to Verify AI and Bot Traffic

#AWS #AWS WAF #Web Bot Auth #AI Security

🔐 AWS WAF now supports Web Bot Auth, providing cryptographic verification for automated agents and crawlers that access web applications. The capability uses signed HTTP messages and a public key directory defined by active IETF drafts to authenticate bot identities. AWS WAF will automatically allow verified WBA bots by default, refining previous behavior where the AI category blocked unverified bots. This change helps operators distinguish trusted automated traffic from potentially harmful automation.

read more →

Thu, October 30, 2025

Amazon Bedrock AgentCore Browser Adds Web Bot Auth Preview

#AWS #Amazon Bedrock #AgentCore Browser #Web Bot Auth #AI Security

🔐 Amazon Bedrock AgentCore Browser now previews Web Bot Auth, a draft IETF protocol that cryptographically identifies AI agents to websites. The feature automatically generates credentials, signs HTTP requests with private keys, and registers verified agent identities to reduce CAPTCHA interruptions and human intervention in automated workflows. It streamlines verification across major providers such as Akamai, Cloudflare, and HUMAN Security, and is available in nine AWS Regions on a consumption-based pricing model with no upfront costs.

read more →

Fri, October 24, 2025

Securing Agentic Commerce with Web Bot Auth and Payments

#Agentic AI #Web Bot Auth #HTTP Message Signatures #Cloudflare #Visa #Mastercard #Agent SDK

🔒 Cloudflare, in partnership with Visa and Mastercard, explains how Web Bot Auth together with payment-specific protocols can secure agent-driven commerce. The post describes agent registration, public key publication, and HTTP Message Signatures that include timestamps, nonces, and tags to prevent spoofing and replay attacks. Merchants can validate trusted agents during browsing and payment flows without changing infrastructure. Cloudflare also provides an Agent SDK and managed WAF rules to simplify developer adoption and deployment.

read more →

Wed, September 24, 2025

Responsible AI Bot Principles to Protect Web Content

#Cloudflare #OpenAI #Anthropic #Web Bot Auth #AI Security #Retrieval-Augmented Generation

🛡️ Cloudflare proposes five practical principles to guide responsible AI bot behavior and protect web publishers, users, and infrastructure. The framework stresses public disclosure, reliable self-identification (moving toward cryptographic verification such as Web Bot Auth), a declared single purpose for crawlers, and respect for operator preferences via robots.txt or headers. Operators must also avoid deceptive or high-volume crawling, and Cloudflare invites multi-stakeholder collaboration to refine and adopt these norms.

read more →