Cloudflare launches Precursor: session-based bot detection that watches behavioral signals, not just login clicks
<cite index="62-2">Cloudflare announced the general availability of Precursor, a next-generation continuous behavioral validation engine for bot management. Built directly on Cloudflare's edge, Precursor runs seamlessly inside web browsers to monitor entire user sessions in order to detect bot automation.</cite> <cite index="68-2">For the first time, automated bot traffic has eclipsed human activity on the Internet, now generating roughly 57% of all web requests. This milestone emphasizes a seismic evolution from an Internet built for human clicks to a digital landscape now dominated by AI agents.</cite>
<cite index="61-1,61-2">Precursor is a client-side, session-based verification system built with privacy in mind that uses dynamically injected JavaScript to continuously collect behavioral signals as visitors interact with applications. By turning session-level behavior into bot detection signals, it identifies advanced automation with higher precision while reducing friction for legitimate users.</cite> <cite index="66-1,69-1">The system looks at signals such as mouse movement, scrolling rhythm, typing cadence, clipboard activity, page visibility, and whether keyboard events happened while a text field was selected, with Cloudflare injecting a small script into pages passing through its network.</cite>
<cite index="62-4,63-4,68-5">Unlike traditional security checks that look at a single moment, modern bots have gotten smart enough to fake their way through the front door. Instead of just checking an ID at the gate, Precursor looks at behavior over the entire visit. This makes life seamless for real users while making it incredibly difficult and expensive for bad actors to fake human behavior. Precursor logs aggregate behavioral patterns rather than recording specific user inputs, with keyboard activity recorded exclusively as timing rhythm and cadence rather than capturing actual keystrokes.</cite> For infrastructure operators and security teams managing bot mitigation at scale, this shifts the detection frontier from point-in-time verification (CAPTCHA at login) to session continuity, making it costlier for adversaries to operate large-scale automation while preserving user experience for legitimate traffic.
Sources
- Primary source
- blog.cloudflare.com
“Precursor is built to capture that layer of interaction, turning behavior itself into a reliable signal for detecting fraud and abuse. By evaluating behavior across an entire session, Precursor adds significantly more signal to each decision.”
- helpnetsecurity.com
“Session-long security measures: Unlike traditional defense challenges that reset per every request, Precursor continuously evaluates the visitor's user journey across a web or single page application. Automated agents cannot reset their behavioral signatures by refreshing a page.”
- cyberinsider.com
“Precursor extends behavioral analysis across an entire browsing session, allowing it to detect subtle inconsistencies that distinguish humans from automated systems, including AI agents capable of completing CAPTCHA challenges and using real browser environments.”