---
title: Automated ASE attack blocking
description: When the AI Engine detects an attack, it adds an entry to its blacklist which consists of usernames, tokens, API Keys, cookies, and IP addresses of clients which were detected executing attacks. If blocking is enabled for the API, the blacklist is automatically sent to ASE nodes which blocks the client's future access using the identifiers on the list.
component: pingintelligence
version: 5.1
page_id: pingintelligence:abs_ai_engine:pingintelligence_automated_ase_attack_blocking
canonical_url: https://docs.pingidentity.com/pingintelligence/5.1/abs_ai_engine/pingintelligence_automated_ase_attack_blocking.html
revdate: March 27, 2024
section_ids:
  automatic-blocking-of-attacks-with-ase: Automatic blocking of attacks with ASE
  activate-log-processing-for-abs: Activate log processing for ABS
  automatically-block-abs-detected-attacks: Automatically block ABS detected attacks
  disable-attack-blocking: Disable attack blocking
---

# Automated ASE attack blocking

## **Automatic blocking of attacks with ASE**

When the AI Engine detects an attack, it adds an entry to its blacklist which consists of usernames, tokens, API Keys, cookies, and IP addresses of clients which were detected executing attacks. If blocking is enabled for the API, the blacklist is automatically sent to ASE nodes which blocks the client's future access using the identifiers on the list.

### Activate log processing for ABS

To activate ABS log processing, execute the following ASE command:

```
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin enable_abs
```

After log processing is enabled, ASE sends log data to ABS which processes the log data to look for attacks and generate reports.

### Automatically block ABS detected attacks

ABS generates a list of clients that are suspected of executing attacks. ABS can be configured to automatically send the attack list to ASE which blocks client access. By default, automatic blocking is inactive, execute the following ASE command to activate automatic client blocking.

```
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin enable_abs_attack
```

### Disable attack blocking

To disable automatic sending of ABS attack lists to ASE, execute the following ASE command:

```
/opt/pingidentity/ase/bin/cli.sh -u admin -p admin disable_abs_attack
```