Cloudflare has announced the general availability of Precursor, a next-generation, continuous behavioral validation engine for bot management. Precursor runs seamlessly inside web browsers to monitor entire user sessions in order to detect bot automation. Unlike static CAPTCHAs, it analyzes ongoing interactions in real time to catch advanced bots, improving detection precision without interrupting legitimate users.
For the first time, automated bot traffic has eclipsed human activity on the Internet, now generating roughly 57% of all web requests. This milestone emphasizes a seismic evolution from an Internet built for human clicks to a digital landscape now dominated by AI agents.
For organizations and everyday consumers, this means that legacy defenses are blind to a new breed of automated threats that drive up infrastructure costs, manipulate inventory, and compromise data. While a modern bot can easily fake a single action to pass a one-time security check, replicating an entire human journey remains a massive engineering hurdle.
To protect the integrity of the global Internet, organizations must move away from static, point-in-time defenses and embrace continuous behavioral validation—analyzing telemetry across an entire session to unmask automated imposters trying to blend into the crowd.
“Traditional security checks look at a single moment in time, but modern bots have gotten smart enough to fake their way through the front door,” said Dane Knecht, CTO of Cloudflare.
“Instead of just checking an ID at the gate, we are looking at behavior over the entire visit. This makes life seamless for real users, while making it incredibly difficult and expensive for bad actors to fake human behavior. Cloudflare already protects users billions of times a day at critical moments like login and checkout, but until now, the space between those moments was a black box. With Precursor, we’re now eliminating that blindspot.”
Now generally available, Precursor provides a session-level view of site activity by continuously collecting robust browser signals to block unwanted automated traffic through:
- Privacy-led defense: Built to protect end user confidentiality, Precursor logs aggregate behavioral patterns rather than recording specific user inputs. For example, keyboard activity is recorded exclusively as timing rhythm and cadence—never capturing actual keystrokes.
- Zero-code, one-click setup: Precursor is enabled with one click, automatically allowing Cloudflare to inject a compact, dynamic script passing through the network, requiring no modifications to underlying code. The script evaluates interaction trail dimensions such as mouse movement, scrolling rhythm, typing cadence, clipboard activity, and page visibility duration.
- A real-time analysis engine: Cloudflare’s servers instantly unpack the telemetry data sent from a user’s browser and scan it for signs of faked or computer-generated activity. We then validate whether interaction streams map rationally to human behavior, such as cross-referencing that pointer activity aligns with page visibility or text fields are focused during typing events.
- Session-long security measures: Unlike traditional defense challenges that reset per every request, Precursor continuously evaluates the visitor’s user journey across a web or single page application. Automated agents cannot reset their behavioral signatures by refreshing a page, allowing defensive algorithms to adjust a session’s Bot Score with compounding context.

