You are tasked with securing an API that is exposed to the internet and is frequently targeted by bots and automated scripts. Which AWS service would you use to identify and mitigate these threats effectively?