--- title: Manage attack blocking description: ASE and ABS work in tandem to detect and block attacks. ASE detects attacks in real-time, blocks the hacker, and reports attack information to ABS. ABS AI Engine uses behavioral analysis to look for advanced attacks. component: pingintelligence version: 5.1 page_id: pingintelligence:abs_ai_engine:pingintelligence_manage_attack_blocking canonical_url: https://docs.pingidentity.com/pingintelligence/5.1/abs_ai_engine/pingintelligence_manage_attack_blocking.html revdate: April 3, 2024 --- # Manage attack blocking ASE and ABS work in tandem to detect and block attacks. ASE detects attacks in real-time, blocks the hacker, and reports attack information to ABS. ABS AI Engine uses behavioral analysis to look for advanced attacks. Attack management is done in both ABS and ASE. **In ABS, you can**: * List active, expired or a consolidated list of active and expired client identifiers for a specific time period. For more information see, [ABS blacklist reporting](pingintelligence_abs_blacklist_reporting.html). * Delete specific client identifiers from ABS blacklist or bulk delete a type of client identifier using ABS REST API. For more information, see [Delete individual client identifiers](pingintelligence_delete_client_identifiers.html) and [Bulk delete client identifiers](pingintelligence_bulk_delete_client_identifiers.html). * Enable or disable a specific attack ID. When you disable an attack ID, ABS stops reporting attacks across all client identifiers for that attack ID. For more information, see [Enable or disable attack IDs](pingintelligence_enable_disable_attack_ids.html). * Configure the time-to-live (TTL) for each client identifier type. The TTL time applies to all the detected attacks for that client identifier. For more information, see [TTL for client identifiers in ABS](pingintelligence_ttl_client_identifiers_in_abs.html). **In ASE, you can**: * Manually add or delete entries from whitelist and blacklist * Enable or disable automatic blocking of ABS detected attack types * Enable or disable ASE detected real-time attacks. ASE detects real time attacks only in an inline deployment. For more information see, [Attack management in ASE](pingintelligence_attack_management_ase.html).