When the AI Engine detects an attack, it adds an entry to its deny list, which consists of usernames, tokens, API Keys, cookies, and IP addresses of clients that were detected executing attacks.
If blocking is enabled for the API, the deny list is automatically sent to API Security Enforcer (ASE) nodes, which blocks the client's future access using the identifiers on the list.