Webinar Description
Key Takeaways
- Explores the critical shift from blanket bot blocking to distinguishing authorised AI agents from malicious automation
- Examines cryptographic verification as the emerging standard for proving agent identity and authorisation
- Features technical leaders from Fingerprint and Browserbase discussing infrastructure for agent signing and verification
- Addresses revenue protection and user experience challenges caused by over-aggressive automation blocking
- Relevant for security engineers, technical executives, and product managers at digital platforms
Introduction
The webinar “From Bots to Agents: Why Identifying AI Traffic with Certainty Matters” addresses a fundamental challenge facing digital businesses as artificial intelligence reshapes web automation. Designed for security professionals, technical leaders, and product managers, the session examines why traditional approaches to bot management are becoming counterproductive in an era where legitimate AI agents increasingly perform valuable tasks on behalf of users. The timing reflects a broader industry reckoning: as AI agents become capable of booking flights, managing accounts, and executing complex workflows, organisations can no longer afford to treat all automated traffic as hostile.
About This Event
This virtual webinar brings together leaders from Fingerprint and Browserbase, two companies building infrastructure for the emerging AI agent ecosystem. The session combines technical discussion with executive-level strategic considerations, followed by a live question-and-answer segment addressing practical implementation concerns such as handling unsigned agents and anticipating future developments in the space.
Fingerprint, known for its device identification technology, and Browserbase, which provides infrastructure for web automation, represent complementary perspectives on the agent verification challenge. Their collaboration reflects growing industry recognition that solving the AI agent identity problem requires coordination across the technology stack.
The Shift from Bot Blocking to Agent Authorisation
For years, web security teams operated under a straightforward principle: automated traffic is suspicious traffic. Bot detection systems evolved to identify non-human behaviour patterns, and blocking policies grew increasingly aggressive. This approach made sense when most automation was either malicious or unwanted—credential stuffing attacks, inventory hoarding, price scraping, and similar activities that directly harmed businesses.
The emergence of sophisticated AI agents has fundamentally altered this calculus. When a user authorises an AI assistant to compare flight prices across multiple airlines, book appointments, or manage subscription services, that automation serves the user’s legitimate interests. Blocking such traffic no longer protects the business; it actively damages customer relationships and forfeits revenue.
The webinar argues that the relevant question has shifted from “Is this a bot?” to “Is this authorised?” This reframing has significant implications for how organisations architect their security policies and the technical infrastructure required to implement them.
Why Traditional Detection Methods Fall Short
Conventional bot detection relies heavily on heuristics—behavioural patterns, browser fingerprints, request timing, and similar signals that distinguish human users from automated systems. These techniques remain valuable for identifying unsophisticated attacks, but they face inherent limitations against advanced AI agents.
Modern AI agents can mimic human behaviour with increasing fidelity. They navigate websites, handle CAPTCHAs, and interact with interfaces in ways that closely resemble organic user activity. More fundamentally, heuristic detection cannot answer the authorisation question. Even perfect behavioural analysis cannot determine whether an agent has legitimate permission to act on a user’s behalf or access a particular service.
This limitation creates a policy dilemma. Organisations that maintain aggressive blocking risk alienating customers who rely on AI assistants for routine tasks. Those that relax their defences expose themselves to sophisticated attacks that exploit the same agent capabilities. Neither approach addresses the underlying need to distinguish authorised from unauthorised automation.
Cryptographic Verification as the Path Forward
The session positions cryptographic proof as the technical foundation for resolving the agent identity challenge. Rather than inferring intent from behaviour, cryptographic verification establishes identity and authorisation through mathematical certainty. An agent presents credentials that prove both who created it and what permissions it holds, enabling receiving services to make informed policy decisions.
This approach requires infrastructure on both sides of the interaction. Agent providers must implement signing mechanisms that cryptographically bind agents to their operators and the authorisations they carry. Service providers must implement verification systems that validate these credentials and translate them into appropriate access policies—allowing, blocking, throttling, or enriching requests based on verified identity rather than behavioural guesswork.
The webinar references several organisations already participating in this emerging ecosystem, including OpenAI, AWS AgentCore, Manus, and Anchor Browser as examples of signed and verifiable agent providers. This growing adoption suggests the industry is coalescing around cryptographic verification as a practical standard rather than a theoretical ideal.
Industry Context and Business Implications
The timing of this discussion reflects broader trends in enterprise AI adoption. Organisations across sectors are deploying AI agents for customer service, procurement, research, and operational tasks. Simultaneously, consumers increasingly expect AI assistants to handle routine digital interactions on their behalf. This dual pressure—from internal automation initiatives and external user expectations—makes agent governance an urgent priority.
The business case extends beyond security. Organisations that can reliably identify authorised agents gain the ability to offer differentiated experiences—faster response times, richer data access, or streamlined workflows for verified automation. This creates competitive advantages in markets where AI-assisted interactions become the norm rather than the exception.
Conversely, organisations that cannot distinguish authorised agents face mounting costs. Over-blocking generates customer complaints, abandoned transactions, and support overhead. Under-blocking exposes systems to abuse. The inability to implement nuanced policies—treating different agents differently based on verified identity—leaves businesses with only blunt instruments in an environment that demands precision.
Who Should Attend
The webinar targets professionals responsible for securing web applications and shaping automation policy. Security engineers and application security teams will find practical discussion of verification infrastructure and policy implementation. DevOps practitioners can explore how agent authentication integrates with existing security architectures.
Technical executives—CTOs, CIOs, and founders—will benefit from the strategic framing of agent governance as both a security imperative and a business opportunity. Product managers and architects at SaaS companies, e-commerce platforms, and digital services can assess how agent verification capabilities might differentiate their offerings or address emerging customer requirements.
The session is particularly relevant for organisations that either deploy AI agents as part of their operations or defend against automated access to their services. In practice, this increasingly describes most digital businesses.
Looking Ahead
The transition from bot blocking to agent authorisation represents more than a technical upgrade. It reflects a fundamental shift in how organisations conceptualise automated traffic—from a threat to be neutralised toward a category of interaction to be governed. As AI agents become more capable and more prevalent, the infrastructure for verifying their identity and authorisation will likely become as essential as the authentication systems that govern human access today.

