惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
Netflix TechBlog - Medium
大猫的无限游戏
大猫的无限游戏
爱范儿
爱范儿
Martin Fowler
Martin Fowler
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Register - Security
The Register - Security
IT之家
IT之家
博客园_首页
Microsoft Security Blog
Microsoft Security Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 三生石上(FineUI控件)
I
InfoQ
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Jina AI
Jina AI
Apple Machine Learning Research
Apple Machine Learning Research
M
MIT News - Artificial intelligence
博客园 - Franky
C
Check Point Blog
T
The Blog of Author Tim Ferriss
V
Visual Studio Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
T
Tailwind CSS Blog
Recent Announcements
Recent Announcements
云风的 BLOG
云风的 BLOG
美团技术团队
The Cloudflare Blog
Y
Y Combinator Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
MyScale Blog
MyScale Blog
The GitHub Blog
The GitHub Blog
D
DataBreaches.Net
Google DeepMind News
Google DeepMind News
V
V2EX
aimingoo的专栏
aimingoo的专栏
GbyAI
GbyAI
G
Google Developers Blog
S
SegmentFault 最新的问题
Hugging Face - Blog
Hugging Face - Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
U
Unit 42
罗磊的独立博客
量子位
MongoDB | Blog
MongoDB | Blog
Last Week in AI
Last Week in AI
Stack Overflow Blog
Stack Overflow Blog
小众软件
小众软件
D
Docker
人人都是产品经理
人人都是产品经理

Vercel News

Vercel Open Source Program: Winter 2026 cohort How Notion Workers run untrusted code at scale with Vercel Sandbox How we run Vercel's CDN in front of Discourse From idea to secure checkout in minutes with Stripe Building Slack agents can be easy Scaling redirects to infinity on Vercel Advancing Python typing Gamma builds design-first agents with Vercel How Avalara turns pipe dreams into patent-pending with v0 Keeping community human while scaling with agents How OpenEvidence built a healthcare AI that physicians actually trust Security boundaries in agentic architectures Skills Night: 69,000+ ways agents are getting smarter Video Generation with AI Gateway We Ralph Wiggumed WebStreams to make them 10x faster How Stably ships AI testing agents in hours, not weeks How we built AEO tracking for coding agents Anyone can build agents, but it takes a platform to run them Introducing Geist Pixel The Vercel AI Accelerator is back with $6m in credits Making agent-friendly pages with content negotiation The Vercel OSS Bug Bounty program is now available Introducing the new v0 Run untrusted code with Vercel Sandbox, now generally available How Stripe built a game-changing app in a single flight with v0 How Sensay went from zero to product in six weeks AGENTS.md outperforms skills in our agent evals Agent skills explained: An FAQ Testing if "bash is all you need" AWS databases are now live on the Vercel Marketplace and v0 Use Perplexity Web Search with Vercel AI Gateway Introducing: React Best Practices Nick Bogaty joins Vercel as Chief Revenue Officer How Mux shipped durable video workflows with their @mux/ai SDK How to build agents with filesystems and bash How we made v0 an effective coding agent Stopping the slow death of internal tools Building AI-Generated Pixel Trading Cards with Vercel AI Gateway We removed 80% of our agent’s tools AI SDK 6 Our $1 million hacker challenge for React2Shell Cline now runs on Vercel AI Gateway How to prompt v0 Build smarter workflows with Notion and v0 Vercel launches partner certification Inside Workflow DevKit: How framework integrations work React2Shell Security Bulletin | Vercel Knowledge Base Billions of requests: Black Friday-Cyber Monday 2025 Investing in the Python ecosystem AWS Databases coming to the Vercel Marketplace How we built the v0 iOS app Workflow Builder: Build your own workflow automation platform Vercel Open Source Program: Fall 2025 cohort Self-driving infrastructure Vercel collaborates with Google for Gemini 3 Pro Preview launch Vercel: The anti-vendor-lock-in cloud How Nous Research used BotID to block automated abuse at scale How AI Gateway runs on Fluid compute What we learned building agents at Vercel Build and deploy data applications on Snowflake with v0 Vercel achieves TISAX AL2 compliance to serve automotive partners Bun runtime on Vercel Functions David Totten Joins Vercel to Lead Global Field Engineering Vercel Ship AI 2025 recap You can just ship agents AI agents and services on the Vercel Marketplace Built-in durability: Introducing Workflow Development Kit Zero-config backends on Vercel AI Cloud Introducing Vercel Agent: Your new Vercel teammate Update regarding Vercel service disruption on October 20, 2025 Agents at work, a partnership with Salesforce and Slack Running Next.js in ChatGPT: How to Build ChatGPT Apps Talha Tariq joins Vercel as CTO of Security Just another (Black) Friday Server rendering benchmarks: Fluid Compute and Cloudflare Workers Towards the AI Cloud: Our Series F Collaborating with Anthropic on Claude Sonnet 4.5 to power intelligent coding agents Preventing the stampede: Request collapsing in the Vercel CDN BotID uncovers hidden SEO poisoning How we made global routing faster with Bloom filters What you need to know about vibe coding Scale to one: How Fluid solves cold starts Addressing security & quality issues with MCP tools - Vercel AI agents at scale: Rox’s Vercel-powered revenue operating system Helly Hansen migrated to Vercel and drove 80% Black Friday growth Agentic Infrastructure Zero Data Retention on AI Gateway Optimizing Vercel Sandbox snapshots How Waldium made a blog platform work for humans and AI alike How FLORA shipped a creative agent on Vercel's AI stack Agent responsibly Making Turborepo 96% faster with agents, sandboxes, and humans Unified reporting for all AI Gateway usage new.website joins forces with v0 SERHANT.'s playbook for rapid AI iteration Two startups at global scale without DevOps Chat SDK brings agents to your users 360 billion tokens, 3 million customers, 6 engineers Meet the 2026 Vercel AI Accelerator Cohort Build knowledge agents without embeddings
BotID Deep Analysis catches a sophisticated bot network in real-time
Andrew QuChief of Software, VercelLiz HurderSr. Product Marketin · 2025-10-31 · via Vercel News

Real-time detection and adaptation in action

On October 29 at 9:44am, BotID Deep Analysis detected an unusual spike in traffic patterns across one of our customer's projects. Traffic increased by 500% above normal baseline. What made this particularly interesting wasn't just the volume increase. The spike appeared to be coming from legitimate human users.

Our team immediately began investigating and reached out to the customer to discuss what appeared to be an influx of bot traffic cleverly disguised as human activity. But before we could even complete that conversation, something remarkable happened: Deep Analysis, powered by Kasada’s machine learning backend, had already identified the threat and adapted to correctly classify it.

Link to headingA sophisticated new threat emerges

What we were witnessing was likely a brand-new browser bot network spinning up for the first time. These weren't your typical bots. They were sophisticated actors that generated telemetry data that looked completely legitimate. Around 40-45 new browser profiles appeared, each presenting fingerprints and behavioral patterns that hadn't been seen before.

For a few minutes, BotID’s models carefully analyzed this new data, determining whether these sessions were genuine or malicious. This is the critical period where sophisticated bot networks can slip through traditional security measures. They look real because they're using real browser automation tools and carefully crafted profiles.

Link to headingThe pattern reveals itself

Then the pattern emerged. These browser sessions that had initially appeared legitimate started showing up across a range of IP addresses. Crucially, these IPs were identified as proxy nodes, rather than network origin points. This was the tell-tale sign: legitimate users don't rapidly cycle through proxy networks while maintaining the same browser profile.

Deep Analysis pieced together the bigger picture. The same browser fingerprints appearing across multiple proxy nodes indicated coordinated bot activity, not organic human behavior. Once this pattern was detected, the system automatically forced these sessions back through the verification process to collect fresh browser telemetry.

Link to headingHands-free blocking in 5 minutes

This second round of telemetry collection, now informed by the proxy node detection and behavioral patterns, revealed the true nature of these sessions. What had initially looked like legitimate traffic was now clearly identified as ⁠malicious: a sophisticated bot network attempting to evade detection.

Here’s how the 10-minute attack unfolded:

  • 9:44am: Traffic spike detected, human classifications continues

  • 9:45-9:48am: Models analyze 40-45 new browser profiles, making thousands of requests, across proxy nodes

  • 9:48am: Pattern correlation identifies coordinated bot activity

  • 9:49am: Re-verification confirms threat, bot classification begins

  • 9:54am: Attack traffic drops to zero

Bot traffic reclassified from human (purple) to bot (blue)Bot traffic reclassified from human (purple) to bot (blue)

Bot traffic reclassified from human (purple) to bot (blue)

The entire process, from initial detection to accurate classification and blocking, took just a few minutes. No manual intervention required. No emergency patches or rule updates. The customer took no action at all. Just BotID doing exactly what it's designed to do: automatically learn, adapt, and protect in real-time.

Link to headingWhy this matters

This incident demonstrates the critical importance of adaptive, machine learning-based bot detection. These bots were specifically designed to evade traditional defenses: real browser automation, legitimate-looking telemetry, and carefully constructed profiles that mimic organic behavior.

Standard bot detection handles the majority of threats effectively. But sophisticated attacks like this one create a tradeoff: aggressive blocking risks false positives against legitimate users, while permissive rules let sophisticated bots through.

Deep Analysis exists for these edge cases where attackers invest significant resources in evasion. By combining multiple signals (browser telemetry, network patterns, behavioral analysis, and real-time learning), Deep Analysis can identify coordination patterns that individual signals miss. The key insight wasn't any single red flag. It was the correlation: identical browser fingerprints cycling through proxy infrastructure.

As bot networks become more sophisticated, the only effective defense is a system that can learn and adapt just as quickly. This Wednesday morning proved that BotID does exactly that.

Protect your AI endpoints with Vercel BotID

Stop bots from draining your AI budget: see how to gate your endpoints with Vercel BotID in a few steps.

Read the guide