Learning Library

← Back to Library

IBM Cloudflare Bot Management & MFT Defense

3m • Unknown Channel • security • news • intermediate • Watch on YouTube ↗

Key Points

IBM and Cloudflare have launched **Cloudflare Bot Management on IBM Cloud Internet Services**, offering a dynamic, adaptive solution that uses behavioral analysis, machine‑learning bot scores, and fingerprinting to protect internet‑facing workloads from sophisticated bot attacks.
The new bot‑management feature is immediately available to any IBM Cloud Internet Services customer on the **Enterprise Premier plan**, providing near‑real‑time threat mitigation without storing device fingerprints to preserve user privacy.
Over the past year, **managed file transfer (MFT) services have become a major attack vector**, with hundreds of organizations compromised as threat actors exploit these tools to accelerate data exfiltration.
IBM Security X‑Force responded by publishing an **index of 13 detection and response frameworks** for the most commonly exposed MFT solutions, giving defenders a ready‑to‑use playbook to shorten response times and curb mass exploitation.
Leveraging IBM’s **Watson X foundation model**, X‑Force created a repeatable AI engine that evaluates assets’ attractiveness to attackers, automating the analysis of documentation and streamlining risk assessment for MFT environments.

Sections

00:00:00 Cloudflare Bot Management on IBM CIS - IBM and Cloudflare announce an integrated bot‑management service for IBM Cloud Internet Services that uses behavioral analysis, machine‑learning scoring, and fingerprinting to detect and mitigate malicious bot traffic in near real time.

Full Transcript

# IBM Cloudflare Bot Management & MFT Defense **Source:** [https://www.youtube.com/watch?v=WFMngOdlWbg](https://www.youtube.com/watch?v=WFMngOdlWbg) **Duration:** 00:03:53 ## Summary - IBM and Cloudflare have launched **Cloudflare Bot Management on IBM Cloud Internet Services**, offering a dynamic, adaptive solution that uses behavioral analysis, machine‑learning bot scores, and fingerprinting to protect internet‑facing workloads from sophisticated bot attacks. - The new bot‑management feature is immediately available to any IBM Cloud Internet Services customer on the **Enterprise Premier plan**, providing near‑real‑time threat mitigation without storing device fingerprints to preserve user privacy. - Over the past year, **managed file transfer (MFT) services have become a major attack vector**, with hundreds of organizations compromised as threat actors exploit these tools to accelerate data exfiltration. - IBM Security X‑Force responded by publishing an **index of 13 detection and response frameworks** for the most commonly exposed MFT solutions, giving defenders a ready‑to‑use playbook to shorten response times and curb mass exploitation. - Leveraging IBM’s **Watson X foundation model**, X‑Force created a repeatable AI engine that evaluates assets’ attractiveness to attackers, automating the analysis of documentation and streamlining risk assessment for MFT environments. ## Sections - [00:00:00](https://www.youtube.com/watch?v=WFMngOdlWbg&t=0s) **Cloudflare Bot Management on IBM CIS** - IBM and Cloudflare announce an integrated bot‑management service for IBM Cloud Internet Services that uses behavioral analysis, machine‑learning scoring, and fingerprinting to detect and mitigate malicious bot traffic in near real time. ## Full Transcript

0:00cloudflare bot Management on ibmcis and 0:04a detection and response framework for 0:06managed file transfer software all on 0:09this episode of IBM Tech now 0:10what's up y'all my name is Ian and I am 0:13back to bring you the latest and 0:14greatest news and announcements about 0:16IBM technology 0:17start things off this week IBM and 0:20cloudflare are announcing cloudflare bot 0:22Management on IBM CIS a new offering to 0:25help protect Enterprises from bot 0:28attacks 0:29malicious bot attacks are becoming more 0:31sophisticated and manual mitigations are 0:33becoming more burdensome 0:35bot attacks have the potential to damage 0:37Brands steal sensitive information take 0:40over accounts and negatively impact the 0:42bottom line of any organization 0:45Enterprises running internet-facing 0:47workloads neither Dynamic and adaptive 0:49solution and that's precisely what 0:51cloudflare bot management provides 0:53the offering is designed to help users 0:55better manage Bots by applying a number 0:58of different detection methods 1:00first is enhanced behavioral analysis 1:03which helps organizations Monitor and 1:05respond to abnormal traffic patterns 1:07across critical internet applications to 1:10mitigate potential bot threats in near 1:12real time 1:13second is bot identification through 1:15machine learning using a bot score it 1:18provides a single simplified value to 1:20represent the likelihood of a request 1:22Being Human or a bot 1:24and third is risk mitigation through 1:27fingerprinting cloudflare leverages 1:29fingerprinting from millions of 1:31Diversified internet properties to 1:33accurately classify Bots it does not 1:36however generate or store device 1:38fingerprints which can help to reduce 1:39the risk to user privacy 1:42the bot management feature is available 1:44now for any IBM Cloud internet service 1:46clients using the Enterprise Premiere 1:49plan to learn more check out the link in 1:51the description of this video 1:53next up over the past year hundreds of 1:56organizations have been compromised 1:58through managed file transfer attacks 2:00the mass exploitation of move it and go 2:03anywhere has elevated mfts into a 2:05prominent attack Factor 2:07these Internet connected automated 2:09Services enable the transfer of 2:11sensitive Enterprise data between 2:13parties 2:14so by compromising mfts threat actors 2:17can expedite their attacks immediately 2:20jumping to the data exfiltration stage 2:23IBM security X-Force decided to 2:25investigate they found that all of these 2:27mft tools are largely architected the 2:30same way which means that the approach 2:31to detection and response would 2:33generally be the same so X-Force 2:36recently released an index that includes 2:38a sample of 13 different detection and 2:41response Frameworks for the most common 2:43and exposed mft Solutions 2:45this effort is meant to offload some of 2:47these learnings from Defenders 2:49significantly reducing the time required 2:51for Defenders to stop an attack and 2:53helping to prevent future Mass 2:55exploitation 2:56X-Force also turned to Watson X and 2:59created an easy repeatable process to 3:02assess assets by their attractiveness to 3:04attackers 3:06using one of IBM's Foundation models 3:08they created a proof-of-concept AI 3:10engine that analyzes documentation 3:12forums system data and correlates with 3:16environmental context 3:17this enables security teams to quickly 3:19understand the underlying components of 3:21a solution so that they can develop a 3:23detection and response strategy 3:25this proof of concept is really exciting 3:27because it provides evidence that 3:29Foundation models can Empower Defenders 3:31tremendously and optimize their use of 3:34time 3:34to learn more hit the link below 3:37thanks so much for joining me today for 3:39this episode of IBM Tech now if you're 3:40interested in learning more about the 3:42topics I've covered make sure you 3:43explore the links in the description of 3:45this video and again please don't forget 3:47to subscribe to our channel to stay up 3:49to date on what's going on in Tech now