Bot Mitigation Methods
By Netacea / 10th Jul 2018
Risk Mitigation Methods
Netacea gives you total transparency and flexibility to manage your human and bot visitors according to your business priorities.
We’ve developed a number of risk mitigation methods that can be applied to a specific Visitor, IP, User Agent or Source (e.g. a data centre) at the click of a button, or by creating automated behavioural policies which Netacea will use to detect an apply mitigations to visitors displaying types of behaviour. All mitigation strategies
are tracked in the system via our Audit Log so you’ll always know what you applied and when, and any strategy can be easily updated should your priorities change.
For your own business locations and to support key partner and affiliate activities you can choose to Trust visitor to your site, giving you peace of mind that your
own internal business activities will never be interrupted by any behavioural mitigation policies. Trusting visitors is also valuable for ensuring desired 3rd party traffic, for example a search engine Bot, are also allowed access
Custom Policy Filters
The Netacea console has a range of powerful filters that be used together to create powerful sets of policies based on behavioural data, geolocation, category of Bots, recommendations scores, and browser fingerprinting.
The search type interface makes it very easy to search and apply the filters to the bots by risk score, type or just by date and path.
For example, you could exclude all visitors from a specific set of regions e.g. China and Russia that have failed proof of work, and are not full stack browsers. that deviate from normal behaviour to be flagged as moderate risk. The filters will then apply the policy to all visitors based on that profile, and you can globally apply your desired bot mitigation of choice for all these visitor types.
The filters allow you to create fine-tuned granular policies on the fly, and have them applied to all your visitors. Filters can be applied using the visual search console or programmatically via the APIs.
Blackholing allows you to fool malicious visitors into believing there is a connection issue by sending a no response to the identified visitors. This type of mitigation is less aggressive than a Hard Block which can result in bad actors trying brute force attacks, whereas the Netacea blackholing mitigation can reduce this risk by faking connection errors.
For the known good actors, we can simply and easily add them to your trusted list.
For the known bad actors, we can simply and easily block them from entering your site, this tough mitigation means identified, known, high risk visitors or sources
can be prevented from entering your site, filtering out this traffic and saving you load and attendant costs.
Google captcha is easily bypassed by the more advanced bots, who use AI techniques linking a video camera to the screen, or even using human bot solvers
to bypass it manually. We offer advanced captcha techniques that look as the digital fingerprint to search for the tell-tale signs of human vs. Bot behaviour. Using an Advanced Captcha greatly eliminates the known bypass methods, and allows us to combine the Captcha Fingerprinting data into our machine learning algorithm to become even more precise.
As the bots try and evade Captcha they in turn leave tell signs that we can easily identify and pick up as sure indicators of scripted bots.
Should some of the visitors served Captcha be real, then they can simply complete an engaging 3D puzzle and then be allowed access to your site, meaning this is
a great strategy to apply when you are unsure of the intent or validity of a visitor or if you apply it to a source of visitors e.g. a particular Data Centre.