Getting Started
Overview
Agentic Trust is DataDome's solution for managing AI agent traffic on your online resources. As AI agents become increasingly prevalent across the web — powering everything from legitimate automation and AI assistants to sophisticated fraud operations — Agentic Trust gives you full visibility, granular control, and monetization capabilities over every agent interacting with your platform.
Pre-requisites
Agentic Trust is built on top of DataDome's Bot Protect product. Before using any Agentic Trust feature, make sure Bot Protect is fully installed and operational on your online resources.
A complete Bot Protect integration requires both of the following components:
Server-Side Integration
The DataDome server-side module must be deployed on your infrastructure. It is responsible for intercepting HTTP requests, forwarding them to the DataDome API for analysis, and enforcing the decisions returned (allow, block, challenge, etc.).
Server-side modules are available for all major web servers, application servers, CDNs, and API gateways. Refer to the Bot Protect documentation for installation instructions specific to your stack.
Client-Side Integration
The DataDome client-side tag must be installed on your web pages. It collects behavioral and device signals from end users' browsers, which are used to enrich DataDome's detection models and improve accuracy.
Refer to tthe Bot Protect documentation for installation instructions.
Note: Agentic Trust features, including AI agent identification, trust levels, access control policies, and monetization, rely on traffic being routed through the DataDome integration. Incomplete or misconfigured integrations may result in partial or missing agentic traffic data.
Core Capabilities
AI Agent Identification
DataDome automatically identifies AI agents sending traffic to your endpoints. Identification relies on a layered approach:
- Strong identification methods: when supported, DataDome uses cryptographic verification protocols such as Web Bot Authentication and KYA (Know Your Agent), official IP source lists, and reverse-DNS validation. These methods provide the highest level of identification confidence.
- Advanced fingerprinting: for evasive agents that do not support strong verification, DataDome applies behavioral and technical fingerprinting techniques to identify the agent with best-effort accuracy.
Every identified agent is assigned a transparent identification strength score, so you always know how confident DataDome is in the identification. DataDome continuously expands and updates its catalog of known AI agents to keep pace with the rapidly evolving agentic ecosystem.
Intent detection and Protection against Agentic Abuse
Identification alone is not enough. Even well-known, strongly authenticated agents can be weaponized for fraud. DataDome's ML-powered intent detection models analyze every agentic request to detect and block malicious activity, including:
| Threat Type | Description |
|---|---|
| Vulnerability Scanning | Probing endpoints for security weaknesses |
| Credential Stuffing | Automated login attacks using stolen credentials |
| Fake Account Creation | Mass registration of fraudulent accounts |
| Payment Fraud | Illegitimate purchase or payment attempts |
| Spamming | Automated content or messaging abuse |
| Scalping | Automated purchasing of limited-availability items |
| Scraping | Unauthorized bulk extraction of content or data |
These threats are detected and blocked regardless of whether the agent is strongly authenticated or not.
Traffic Insights and Transparency
Agentic traffic is fully observable across all meaningful dimensions. You can explore traffic by:
- Intent: what the agent is trying to do
- Agent identity: which agent is sending the traffic
- Geo-location: where requests originate
- Domain and URL: which parts of your surface are being targeted
- Endpoint type: the nature of the targeted API or page
For every HTTP request, the full request details and DataDome's detection output are accessible, ensuring complete transparency into both agent behavior and DataDome's decisions.
Trust Score
DataDome computes a trust score for every AI agent, combining two signals:
- Identification strength: how reliably the agent can be verified
- Fraud history: abuse attempts detected by DataDome using that agent
Trust scores are dynamic: they evolve continuously as new observations are collected, and are customer-adjusted to reflect behavior patterns specific to your online resources. An agent may have high trust on one customer's platform while being flagged with low trust on another's.
Access Control
You have total control over how every AI agent interacts with your platform. Policies can be configured at multiple levels of granularity, from a global default down to custom rules targeting specific subsets of traffic. See the Access Control section for full details.
Monetization
Agentic Trust integrates with monetization partners, enabling you to grant paid access to AI agents and generate revenue from agentic traffic. See the Monetize section for full details.
Updated 8 days ago