​​In Q2 2025, we introduced key updates across the Cyberfraud Protection Platform to help you deploy protection faster, fine-tune responses with precision, and reduce friction for real users. From sampled protection and challenge control to real-time threat exposure insights in the Vulnerability Scan, each release is designed to give your team more protection and control without adding any complexity.

You’ll also find deeper visibility into script changes with Page Protect, more flexible response options in Account Protect, and a new point of presence (PoP) in Mexico City to improve latency and performance across the Americas.

Last but not least, we streamlined some of our integrations to support faster time-to-protection and reduce the need for manual changes.

Sampled protection and challenge control: Easily fine-tune protection policies

We give customers greater control and flexibility over when and how they activate protection strategies on specific endpoints so they can measure security effectiveness without impacting the user experience.

Traffic sampling by endpoint

You can now apply protection to a percentage of traffic per endpoint. Instead of a binary ON/OFF toggle (100% or 0%), you can gradually roll out protection, perfect for testing and impact measurement. DataDome automatically samples traffic based on your selected ratio.

New enriched header

A new, optional enriched header X-DataDome-Protection indicates whether protection was applied to a given request, providing a lightweight way to monitor protection behavior across your stack.

Enhanced visibility in Explore

Filter and visualize protected versus unprotected traffic directly in the Explore section. This gives you deeper insights into how protection is applied and how it correlates with other traffic metrics.

Challenge control

Define whether CAPTCHA and/or Device Check are enabled on a per-endpoint basis.

Important: We strongly recommend keeping both challenges enabled to maintain optimal protection levels—disabling either would reduce your security posture.

Device Check is now available for customized policies

This invisible protection layer adds zero friction for real users while helping you reduce CAPTCHA usage. No extra steps, just smoother experiences.

Frictionless security just got more flexible

Device Check is now available as a response option across all access control sections: AI Threat Detection, Verified Bots, and Custom Rules. If you’re unsure which response makes the most sense for your use case, DataDome now highlights the default suggestion, making it easier to get started with confidence.

Vulnerability Scan: Instant visibility of your bot exposure

We’ve also launched Vulnerability Scan, the next evolution of Discover. This upgraded tool gives you instant visibility into how bots interact with your website. No setup, no code, no impact—just a clear, actionable view of what attackers see and where you’re exposed.

Domain visibility

Instantly identify active, inactive, protected, and unprotected domains and subdomains across your digital landscape.

Real-time threat exposure

See how your defenses stack up against modern bots, scrapers, fake crawlers, and account takeover attempts. Get clarity on why a domain failed protection tests and what your risk may be.

Actionable recommendations

Get clear next steps to close protection gaps, block sophisticated bots, and stop fraud earlier.

Page Protect: Track and respond to what matters

We’ve introduced two important updates to help you stay on top of changes in your environment, designed for clarity, compliance, and ease of use.

Audit trails for script activity

You can now track exactly who reviewed what and when across the Script Inventory, Manage, and Incident History pages. These audit trails support PCI DSS traceability, giving you greater visibility without added complexity.

Script change notifications

After each scan, you’ll receive an email alert if any scripts, headers, iframes, CSS, or CSP settings have been added, removed, or updated. It’s a simple way to stay informed about front-end changes. Notifications are easy to configure within your Reports and Notifications settings.

Account Protect: New response recommendations

We now provide two new response recommendations, “Review” and “Challenge,” to give our customers more control and insight into user traffic.

More user flexibility

Account Protect now offers two new response recommendations: Review and Challenge.

These additions sit alongside the existing Allow and Deny options, giving your team more ways to handle nuanced traffic. You can flag events for manual review or trigger an authentication challenge to verify suspicious behavior without shutting out legitimate users.

It’s a simple way to boost visibility and control while keeping friction low, with no setup required.

New DataDome PoP in Mexico

We have continued to invest in building our infrastructure to ensure we have the speed and scalability to keep pace with your needs

Real-time performance

We’re thrilled to announce that earlier in 2025, we added a new point of presence (PoP) in Mexico City, Mexico. This brings our total number of edge PoPs to 34 worldwide!

Like our other PoPs, this new PoP will improve our latency and performance metrics even more in the Americas. We know that, especially for enterprise customers, being able to ensure secure user interactions all around the globe is critical.

Deployment for faster time-to-protection

We have continued to improve our integrations to help teams to better manage traffic, assess risk exposure, and enforce protection—without added complexity

Integration enhancements

This quarter brought improvements behind the scenes to help teams roll out protection even faster. Updates to our Akamai Edge Worker integration now support automatic client-side script injection, streamlining deployment and reducing the need for manual front-end changes. The result is a smoother, faster path to full protection across environments.

Each feature is now available in the platform and ready to support more flexible configurations, stronger audit practices, and faster threat response across environments.

Curious how it all comes together? Request a demo to see the Cyberfraud Protection Platform in action.