Latest News

How IBM and Cloudflare are Collaborating to Mitigate Bot-Based Security Threats

By Nataraj Nagaratnam | CTO, IBM Cloud Security, IBM
August 08, 2023

Across the globe, organizations are expanding their hybrid cloud environments to meet their transformation goals. These modernization efforts can support partnership ecosystems, supply chain demands, and other objectives, but they also have the potential to increase security and compliance concerns. According to IBM’s 2023 Cost of a Data Breach Report[1], 95 percent of the surveyed organizations studied have had more than one data breach.

To continue addressing the ever-changing threat landscape, IBM’s expanded offering in collaboration with Cloudflare, the Internet security, performance, and reliability company running one of the world’s largest and most interconnected networks today, is now available to Enterprise Premier Plan users. In 2018, IBM first introduced IBM Cloud Internet Services’ (CIS), powered by Cloudflare. This offering allows IBM Cloud customers to configure mission-critical web and application performance and security solutions to help them combat critical security challenges such as with Distributed Denial-of-Service (DDoS) mitigation and data theft protection. Both IBM and Cloudflare continue to have a mission of delivering solutions that will address these potentially costly security threats, without hindering Internet speed or business innovation.

“With the rise of DDoS attacks and data theft, it’s become important to have a provider that helps us meet the challenges of the ever-changing threat landscape. That’s why at Liquid Reply, we have called on IBM Cloud and Cloudflare to help support our security initiatives,” said Davide Sarais, IT Lead at Liquid Reply. “By using IBM Cloud Internet Services, we’ve been able to maintain our compliance posture. The new features that are available to IBM and Cloudflare clients are exciting advancements that we hope will take our approach to security to the next level.”

New Offering: Cloudflare Bot Management on IBM Cloud Internet Services

As malicious bot attacks become more sophisticated and manual mitigations become more burdensome, a dynamic and adaptive solution is required for enterprises running Internet-facing workloads. That is why today, IBM and Cloudflare are announcing the availability of Cloudflare Bot Management on IBM CIS to help protect enterprises from bot attacks, which have the potential to damage brands, steal sensitive information, take over accounts, and negatively impact the bottom line.

The offering is designed to help Enterprise Premier Plan users to better manage bots by applying the following detection methods:

●      Enhanced Behavioral Analysis: This advanced analysis offering helps organizations monitor and respond to abnormal traffic patterns across critical Internet applications to mitigate potential bot threats in near real-time.

●      Bot Identification through Machine Learning: Using a Bot Score provides a single, simplified value to represent the likelihood of a request being human or a bot. It is designed to simplify the configuration and tuning process appreciably.

●      Mitigating Risk through Fingerprinting: Cloudflare leverages fingerprinting from millions of diversified Internet properties to accurately classify bots but does not generate or store device fingerprints, which can help to reduce risk to user privacy.

The Bot Management feature is available now for any IBM CIS clients using the CIS Enterprise Premier plans.

Clients across multiple industries can benefit from IBM Cloud Internet Services and Cloudflare

Enterprises all over the world, across sectors, including heavily regulated industries, can use Bot Management and the other Cloudflare-powered CIS offerings to support their security, performance, and resiliency needs. For example:

●      Financial Services – Banks and other financial institutions can use the IBM CIS services such as DDoS mitigation and Web Application Firewall (WAF) to address security challenges. By leveraging the turn-key WAF policies, customers can protect their Internet-facing applications against a myriad of exploits, including day-zero attacks.

●      eCommerce – The increased use of APIs in eCommerce has also created the potential for API-related security issues. eCommerce companies can utilize IBM CIS services for DDoS protection to protect their API gateways.

●      Healthcare - According to IBM’s 2023 Cost of a Data Breach Report,  the average cost of a data breach in healthcare increased from $10.10 million in 2022 to $10.93 million in 2023—up 8.2%. With healthcare having the highest cost per data breach for the thirteenth year in a row, CIS services are even more critical to help prevent these costly attacks. Healthcare clients can utilize the combination of CIS DDoS, WAF, and Bot Management to help mitigate against sophisticated malware bot attacks.

Learn More

For more information on IBM and Cloudflare, please visit HERE.

Statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice and represent goals and objectives only.



[1] The 2023 Cost of a Data Breach Report, conducted by Ponemon Institute, is sponsored and analyzed by IBM Security.

Article Categories