Handling Login Attacks
Hello everyone, looking for some help related to identifying attacks to certain pages esp. login pages I already setup verified bots, page limits etc which gets revoked. However certain attacks are targeted and the attack originates from multi cloud and the attacker program swaps to new ip when existing one gets blocked.
How can I identify the attacks? Currently we are using JA3 and JA4 fingerprint to spot but thats very manual and tedious process .
How can I make use of openly available JA4 database to spot the outliers easily? Or infact any other way?
Is there something I can make use of AI to simply this, like building an AI agent or something. Any ideas welcome.
Just guide me the best options available. I have mid level experience with CF. Between some of our domains are ENT plans.
How can I identify the attacks? Currently we are using JA3 and JA4 fingerprint to spot but thats very manual and tedious process .
How can I make use of openly available JA4 database to spot the outliers easily? Or infact any other way?
Is there something I can make use of AI to simply this, like building an AI agent or something. Any ideas welcome.
Just guide me the best options available. I have mid level experience with CF. Between some of our domains are ENT plans.
