Bad Actor Identification

[webdevelopers-eu]

In our current setup, we rely on Intrusion Detection Systems (IDS) and firewalls to identify and block malicious IP addresses temporarily to mitigate pending attacks. These systems are crucial for protecting our networks and are extremely effective against various bots and script kiddies...

However, if attackers use hidden and/or shared IP addresses with legitimate users, our traditional approach to blocking these IPs could become ineffective. How will these security measures adapt to ensure they can still protect against threats without inadvertently affecting legitimate users who might be sharing the same IP for anonymity purposes?