CAPTCHA Definition

A Completely Automated Public Turing test to all Computers and Humans Apart (CAPTCHA), is a test designed to distinguish human users from bots, to reduce the amount of bot traffic hitting a website.

CAPTCHA tests are often used on email login pages, forums and comment sections of a blog or news site to specifically prevent spam bots and automated brute force attacks. As threat actors have become increasingly sophisticated, CAPTCHAs have in turn needed to adapt to remain effective.

While traditionally, CAPTCHAs required a user to copy a jumbled sequence of numbers and letters. However, users are now more likely to see a grid of images from which they must, for example, select all images with bridges or all images with a set of traffic lights.

CAPTCHA evasion techniques

CAPTCHA forms are fundamental to the web/sec admin’s detection and response arsenal, significantly reducing the number of spambots to a website and mitigating the effects of a brute force attack. Due to their ongoing usage, threat actors continue their attempts to defeat their tests using a variety of automated evasion techniques. Amongst the most common evasion strategies are CAPTCHA farms.

CAPTCHA farms bridge the gap between threat actors and the site they want to access via a CAPTCHA form. A bot is integrated via a third-party API and when faced with a CAPTCHA form, a request is sent to a real human in a farm, who will solve the challenge. The human-generated response is sent to the bot, who solves the challenge via the web application and their “human” status is verified.

Blocking CAPTCHA evasion techniques

CAPTCHA continues to play a critical role in most cybersecurity solutions however, they are not enough on its own.

Netacea takes a smarter approach to bot management. Our Intent Analytics^TM powered by machine learning quickly and accurately distinguishes bots from humans to protect websites, mobile apps and APIs from automated threats while prioritising genuine users. Actionable intelligence with data-rich visualisations empowers you to make informed decisions about your traffic.

Talk to our team of cyber-security experts today to discover more about our pioneering approach to bot management to help you detect unwanted bot activity and defend against it.

See also:

Back to Glossary

Related Resources

Case Study

Case StudyGlobal Sportsbook Protects Odds IP & Maximises Event Capacity
Case Study

View Case Study

Global Sportsbook Protects Odds IP & Maximises Event Capacity

View Now

Whitepaper

WhitepaperTechnical Showcase: How Netacea develops cutting-edge bot detection
Whitepaper

View Whitepaper

Technical Showcase: How Netacea develops cutting-edge bot detection

View Now

Guide

GuideThe Buyers Guide to Bot Management 2021
Guide

View Guide

The Buyers Guide to Bot Management 2021

View Now

Try Netacea

Empower your business with control over bot traffic and the ability to detect bots and block malicious traffic in real-time.

Request a Demo