The Buyer Signal Iceberg

Business buyers are researching you long before they ever click on your site — and increasingly, they’re not clicking at all. Zero‑click behavior is surging, with buyers relying on answer engines and genAI tools as their first stop for gathering information, comparing vendors, and evaluating solutions. Marketers are stuck guessing how they influence buyers through answer engines, since so little activity results in a website visit.

The Visibility Gap

The problem isn’t lack of buyer activity — it’s lack of visibility. Public answer engines and private genAI tools have become the primary way buyers gather information, but the signals they generate rarely surface in analytics. Answer engine references, buyer-assist agents, and internal copilot queries don’t appear on marketers’ dashboards. And when these tools do refer traffic, some engines (i.e., ChatGPT, Perplexity, Claude) provide recognizable signatures while others blend into traditional search traffic, leaving marketers unable to distinguish answer-engine-referred visits.

AEO Provides Some Approximation

Meanwhile, marketers have turned to answer engine optimization (AEO) tools that estimate brand presence, sentiment, and citation across a set of prompts for a range of answer engines. AEO tools are very good indicators of visibility but can only estimate actual buyer activity. These tools can show presence in answer engines but not real buyer engagement through complex purchases.

When buyers move to answer engines, the clicks disappear — but the intent doesn’t. And that intent is hiding in plain sight.

Bot And Agent Traffic Reveals Hidden Buyer Intent

Marketers have historically discarded bot traffic entirely, treating it as noise, fraud, or SEO teams’ responsibility. That approach made sense when legacy crawlers and malicious actors dominated automated traffic, but that world no longer exists.

Security teams can detect and classify a wide range of automated actors — including user‑initiated agents that reflect genuine buyer activity on answer engines. Unlike LLM training scrapers or routine indexing crawlers, these are triggered by a buyer prompt with real research intent. As AI agents and bots now account for a material share of digital interactions, discarding them means discarding real buyer-assist behavior. Even without conversions, these automated visits reflect meaningful upstream interest, influence, and comparison activity that marketers need to understand.

If marketers continue to throw away this traffic, they lose the earliest indicators of influence in an AI‑driven buying journey.

Security Teams Already Classify The Bots And Agents That Marketers Need

Security tools analyze indicators that marketing tools never see — TLS fingerprints (JA3/JA4), HTTPS headers, IP/ASN reputations, and behavioral signatures. Using this telemetry, they classify automated actors into categories like buyer‑assist agents, answer engines, LLM scrapers, automation tools, and malicious actors. With shared data and a common taxonomy, marketers could differentiate legitimate early-stage research activity from wasteful impressions, ad fraud, or model training.

Marketing Needs To Partner With Security

Many marketing teams see security as a source of friction that slows innovation or adds cost to serving buyers. Security teams are actively trying to break down this perception and better understand and serve the needs of the business. This moment calls for partnership. Marketing brings the context of buyer behavior and revenue impact. Security brings the telemetry, classifications, and real-time insight into automated traffic. Together, you can start to rebuild the visibility layer that AI-driven journeys have disrupted.

A Guide For Marketing-Security Collaboration

Forrester can help guide you through a collaborative process to turn automated traffic into advantage and attain greater visibility. Read my colleague Sandy Carielli’s report on how to partner with security and uncover the zero-click buyer data in your bot traffic. Better yet, share it with your security partners and book a meeting to apply this framework to your organization.