HeadlinesBriefing favicon HeadlinesBriefing.com

Introducing Precursor: Continuous Client‑Side Bot Detection

Hacker News •
×

Bot mitigation is an adversarial game: attackers adapt, defenders respond, and the cycle continues. At Cloudflare, we stay ahead by combining visibility across our global network with signals from the client‑side environment. Atүд the network level, we analyze over 1 trillion requests per day to understand reputation, patterns, and anomalies across more than 20% of the web. On the client side, we’ve pushed detection deeper with Turnstile, which has evolved from a CAPT CHA replacement to a risk‑based managed challenge that adapts the amount of friction needed to verify the user is authentic. Today, Turnstile runs nearly 3 billion times per day on some of the most sensitive endpoints on the Internet.

This improves protection on the most important areas of customer applications, but still leaves limited visibility into the rest of the application. This is the visibility gap we’re closing today with our launch of Precursor. Precursor is a client‑side, session‑based verification system, built with privacy in mind, that uses dynamically injected JavaScript to continuously collect behavioral signals as visitors interact with your application. These signals are processed and incorporated into Cloudflare’s bot protection in real time, allowing us to continuously distinguish human traffic from automated or agentic traffic.

Precursor extends the client‑side detections offered by a Challenge to your entire web application. By evaluating behavior across an entire session, it adds significantly more signal to each decision, improving detection precision and reducing unnecessary interruptions for legitimate users.