DataDome

Why Intent-Based Detection Matters in the Age of AI Agents

Table of contents
Agentic AI
Andrew Hendry, Senior Director of Product Marketing
11 Mar, 2025
|
min

Agentic AI is ushering in a new wave of possibilities, redefining how we interact online—and raising important potential implications about security. OpenAI’s Operator made recent headlines with its promise to perform autonomous tasks like meal delivery, travel bookings, and software development, while the latest version of Anthropic’s Claude includes a feature enabling AI to use computers the way people do: browsing the web, moving a cursor, clicking buttons, and typing text. Gartner has identified agentic AI as the top technology trend for 2025, while McKinsey has called it the “next frontier.”

Indeed, agentic AI has the potential to fundamentally change how we interact with artificial intelligence, moving beyond simple predetermined automation to systems capable of making unsupervised decisions, taking action, and adapting dynamically to new information. But how will this change impact the online businesses, applications, and services that AI agents use in order to perform these tasks for us?

What is agentic AI?

Agentic AI is an advanced suite of AI technologies that work together to create a team of highly capable digital “agents” designed to handle complex tasks. These agents can reason, make decisions, learn from experience, and collaborate to solve problems. 

While both agentic AI and generative chat AI are built on large language models (LLMs), their applications differ. Generative AI passively provides responses based on queries, whereas agentic AI uses LLMs to analyze context, make strategic decisions, and take meaningful actions in real-world scenarios.

Agentic AI has the potential to transform entire industries by automating complex processes. In customer service, AI agents can manage inquiries, detect fraud, and assist with purchases. In logistics, they may enhance inventory control and optimize delivery routes in real time. Manufacturing will benefit from AI-driven predictive maintenance and smart factory management, and in transportation, agentic AI can enable self-driving vehicles and autonomous delivery robots, adjusting routes dynamically based on traffic and environmental conditions.

Implications of AI agents for online businesses

AI agent traffic is still emerging but is expected to grow rapidly given the new customer experience and revenue potential. However, as this wave of technology gains momentum, businesses face a new challenge: deciphering intent. The traditional model of distinguishing between automated and human traffic is no longer sufficient. 

AI agents blur the line—both good and bad intent can come from automated agents as well as human users. This shift forces enterprises to rethink their approach, moving beyond basic bot detection to understanding the purpose behind each request. The new rule isn’t just about automation versus human interaction—it’s about identifying whether the intent behind the traffic is beneficial or harmful.

This requires AI-powered defenses that can fight AI-driven threats. Just as agentic AI introduces more sophisticated automation, businesses must leverage equally advanced AI to detect, analyze, and respond to threats in real time. Intent-based detection—powered by machine learning and behavioral analysis—enables companies to differentiate between AI agents conducting legitimate tasks, such as price comparison or transaction assistance, and those engaged in malicious activities, like scraping, fraud, or credential stuffing. 

This shift from chatbots to agentic AI mirrors the transition from browser-based traffic to mobile apps some years back. Just as businesses had to rethink web security when mobile apps changed how users interacted with their services, they must now adapt to AI agents.

Why AI agents represent security risks

For online businesses, agentic AI presents a double-edged sword. On one hand, enabling AI agents to interact with your applications can be good for business—an airline, for instance, will benefit from AI agents being able to seamlessly retrieve flight schedules and pricing. On the other hand, agents also introduce significant security risks.

Web scraping may not seem such a big deal, but generative AI platforms like ChatGPT are already causing problems for other websites with their automated bot usage, gathering content to redistribute without linking back or providing any other benefit to the original source. Agentic AI could exacerbate this challenge by not only increasing both the demand for and ease of web scraping but also by reducing businesses’ direct control over the customer experience. With agentic AI, anyone—regardless of technical expertise—can deploy scraping solutions, dynamically adjusting their behavior to bypass traditional defenses.

Cybercriminals may also weaponize agentic AI tools to orchestrate large-scale, highly sophisticated attacks, disinformation campaigns, and other illicit activities. The same AI agents designed to simplify and streamline business processes can be repurposed to execute damaging cyberattacks and fraud at scale. 

For example, credential stuffing is already a serious threat to online businesses. AI agents—with their ability to perform common web tasks like a human—will be able to autonomously test millions of credentials across multiple websites without human oversight, adapt and strategize to bypass security solutions, exploit data breaches in real time, and prioritize targets. But the risk doesn’t stop at account takeovers. Just as attackers can hijack user accounts, they can now compromise AI agents that have delegated authority to make purchases, manage sensitive data, or execute transactions. This significantly expands the blast radius of an exploit, turning compromised agents into powerful tools for large-scale fraud and automation-driven attacks.

Additionally, malicious automation may enable attackers to hijack AI agents to launch phishing campaigns or inject malicious scripts into websites. With AI agents interacting across multiple systems and platforms, they create a broader attack surface for cybercriminals to exploit. 

 

Best practices for managing AI agent traffic

Traditional security measures, like CAPTCHA, have become increasingly ineffective. According to research from ETH Zurich, AI can now successfully pass 100% of traditional image-based  CAPTCHAs, including the prevalent Google reCAPTCHAv2. This means CAPTCHAs will be no match for sophisticated AI agents. 

To balance accessibility for beneficial AI agents with the need to limit security risks, best practices include:

  • Strengthen authentication & account security: Protecting user accounts against unauthorized access is essential, especially when AI agents interact with personal or sensitive data. Enforcing multi-factor authentication (MFA) significantly reduces the risk of account takeovers. 
  • Use API access for AI agents: A well-documented API may be the best way to enable AI agents to interact with your website in a structured and controlled manner. APIs allow you to define exactly what data and services are accessible while maintaining security through authentication mechanisms like API keys, OAuth, or JWT tokens. 
  • Define a clear AI & bot policy: A well-defined AI and bot policy helps set expectations for how AI agents can interact with your services. Explicitly state your bot-related policies in the robots.txt file, outlining which areas AI agents can access. Additionally, your terms of service should include provisions governing AI-driven interactions, specifying permitted use cases and restrictions. 
  • Deploy a bot management solution: Malicious AI agents will not respect your policies and guidelines, and they will masquerade as humans. To distinguish AI bots from humans and legitimate agents from malicious ones, you need a bot protection solution with advanced behavioral detection capabilities.
  • Regular security audits: Maintaining a secure AI-friendly website requires continuous evaluation and improvement. Conducting regular security audits, including penetration testing of APIs and authentication mechanisms, helps identify vulnerabilities before they can be exploited. 

The need to manage AI agent traffic

As AI agents become more prevalent, standardized methods for managing their interactions with online platforms will become necessary. Currently, tools like robots.txt provide a voluntary framework for managing traditional web crawlers, but AI agents will require more sophisticated controls. Without clear rules, businesses face increasing uncertainty over how their digital assets are accessed, used, and potentially exploited by autonomous systems.

One potential solution is the creation of a new industry standard, akin to robots.txt but specifically designed for AI agents. This could involve mechanisms that require AI agents to self-identify, declare their purpose, and adhere to strict access policies. 

Creating a more accountable and manageable AI ecosystem will require close collaboration between AI developers, regulators, online businesses, and cybersecurity vendors. We encourage companies creating AI agents to work with us and other security providers to ensure that their traffic can be identified and assessed appropriately. 

How DataDome can help

DataDome’s Cyberfraud Protection Platform provides comprehensive protection against all forms of automation and unwelcome requests, including AI agents and bot-controlled browsers. Our solution is uniquely positioned to detect and mitigate the malicious use of AI agents, ensuring that legitimate activities—such as booking a flight—remain seamless and secure, while fraudulent activities are promptly blocked. 

As digital ecosystems evolve to include AI agents like Operator, the distinction between legitimate and malicious activities becomes increasingly complex. DataDome addresses this challenge by leveraging multi-layered AI, behavioral analysis, real-time machine learning, and dynamic feedback loops to balance high detection accuracy with usability. This ensures businesses can understand the intent behind their traffic to effectively protect their endpoints, while also supporting legitimate AI-driven traffic that drives growth and a more seamless user experience. 

Furthermore, the DataDome dashboard provides users with deep traffic insights, allowing them to monitor all incoming traffic, including LLM activity. This empowers customers to make data-driven decisions on how their applications should interact with automated traffic, ensuring optimal performance and security. Request a demo of DataDome today. 

DataDome
Andrew Hendry
Senior Director of Product Marketing
Andrew Hendry is a Senior Director of Product Marketing at DataDome. In his role, he's responsible for helping customers and partners understand the value of DataDome's products and solutions. Andrew has over 15 years of product experience in cybersecurity, networking and telecom.

Related posts

DataDome
dd product home overview

Still exploring?

Start with an on-demand demo.

Watch a demo