“The 11th annual edition of the Imperva Bad Bot Report examines and investigates the nature of automated internet traffic, mainly automated bot attacks. Such attacks are getting more sophisticated by the day, bypassing traditional detection methods and causing chaos on the internet. The report analyzes data collected from the Imperva global network in 2023, including nearly 6 trillion blocked bad bot requests anonymized across thousands of domains and industries. This report aims to provide meaningful information about the nature and impact of bots to help organizations better understand the potential risks of bot traffic when not adequately managed. The report focuses on bad bot activity at the OSI model’s application layer (layer 7). These bot use cases are entirely different from volumetric DDoS attacks, which manipulate lower-level network protocols. Bad bots interact with applications in a way that mimics legitimate users, making them more challenging to detect and block. They exploit business logic by exploiting an application’s intended functionality and processes rather than its technical vulnerabilities. Bad bots facilitate high-speed abuse, misuse, and attacks on websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to engage in malicious activities. Activities such as web scraping, competitive data mining, personal and financial data harvesting, brute-force login attempts, scalping, digital ad fraud, denial-of-service attacks, spamming, transaction fraud, and other similar activities can harm a business. These activities consume bandwidth, slow down servers, and steal sensitive data, leading to financial losses and damage to a company’s reputation.”