3 Steps to Better Bot Management
By / 13th May 2019
Making Bot Detection and Mitigation Your Priority
Are you seeing the full picture when it comes to web and application security? Without fast and accurate data at your fingertips, it’s increasingly difficult to differentiate human from automated bot traffic on your web-facing applications.
Credential stuffing, account fraud and scraping attacks are a multi-billion-dollar business¹, with the scope for earning made increasingly simple by the vast number of internet users, availability of login credentials and the sheer volume of connected devices.
Automated traffic (made up of good and bad bots) typically accounts for over 50% of overall traffic and in 2018, Verizon reported that 81% of hacking-related breaches leveraged compromised credentials². According to Cisco, by 2022 there will be more than 28.5 billion global network connections³. That’s 256% more network connections than human beings on the planet.
In this guide, we look at what is motivating bot attacks and demonstrate the value of behavioural analytics and machine learning to protect your websites, mobile apps and APIs, as well as increasing your control and visibility of your online traffic.
1. Understanding The Automated Traffic Threat
Although the type of attack may differ per industry, attacks are carried out indiscriminately regardless of an organisation’s size or sector. It is vital that you understand what motivates attacks in order to effectively tackle the problem.
Automated, malicious bots are most commonly used to:
- Scrape prices and content for competitive disruption
- Achieve account takeover via credential stuffing for fraudulent transactions
- Severely slow down site performance to disrupt business activities
- Carry out loyalty scheme fraud for financial gain
- Crack credit card accounts to make unauthorised purchases
2. Effective Threat Detection and Mitigation With Smarter Bot Management
For this reason, it is common for difficulties to arise when customers opt to use bolt-on bot solutions from WAF and CDN providers, often derived from traditional approaches including blacklisting and IP-blocking. While the bundled bot management solutions are perceived to be effective out-of-the-box, they often require heavy configuration and management to reduce false-positives. Crucially, a lack of transparency in the decision-making process can lead to a loss of confidence if legitimate users are stopped or delayed from reaching the point of conversion on your site.
Bundled solutions are a good first step to reducing risk but are no comparison to a dedicated bot management solution that seeks out the most sophisticated bot threats.
At Netacea we apply a highly agile, data-driven approach that adapts as user-behaviour and bot techniques evolve. This enables us to look specifically at what the bots are doing to determine intent and motive, applying a groundbreaking use of machine learning to understand human and bot behaviours using our unique Intent Analytics. Unlike strictly rule-based approaches, a machine learning first approach enables us to analyse thousands of signals in real time to detect and mitigate automated bot attacks, while always prioritising genuine users with incredible speed, accuracy and transparency.
3. Recognising Value in Visibility
Our data-driven approach enables us to build an accurate data model in the context of actual behaviour, establishing comprehensive visibility of the traffic to your site and its effect on your business.
We monitor all site visits to a specified path and analyse them in context relative to each of the visitors to the enterprise estate. The technology then automatically learns from the business’s web estate according to the threats identified and your specified business priorities. This in-depth insight is then fed back to your business so that you can make informed decisions about your traffic. With greater understanding at your fingertips, you can confidently challenge and block attacks, while providing real customers with a frictionless experience.
Building this relational matrix rather than one model that applies to every situation is crucial as we examine thousands of potential signals to produce a true multi-dimensional data model.
We then look at the behavior of all website visitors, and in our multi-dimensional data, we look for identifying clusters of behavior, including fingerprint markers. The machine learning intelligence dynamically assesses what constitutes “normal” behaviour over time, by path or location.
By its very nature, this machine learning approach becomes more effective over time while traditional approaches become less effective as the bots evolve and work around the scripts.
Applying Intent Analytics
A world-leading retailer approached Netacea following a spate of account takeover attacks, designed to compromise their 20 million customer accounts using breached credentials.
The retailer had previously relied on traditional technology and the time and expertise of in-house teams to manually react to and mitigate malicious bot threats. However, the increasing frequency and ferocity of bot attacks required a more proactive solution.
Intent Analytics quickly and accurately identified persistent and sophisticated account takeover and credential stuffing attacks. This real-time identification data was used to augment existing data sets, allowing for attacks to be automatically identified and security improved whilst reducing friction on customer journeys.
In the run-up to high profile, national events, betting and gaming sites are inundated with malicious bots scraping odds, targeting accounts and abusing offers. This relentless activity threatens the availability of a site and weakens the user-experience for legitimate customers.
Prior to partnering with Netacea, malicious bot attacks were frequently taking our customer’s site offline and having a direct financial impact on the business, while reducing the value of the IP that it has invested in with the generation of odds.
Within a week, Intent Analytics enabled our customer to identify and mitigate the most aggressive bot traffic to successfully reduce website requests by 109%.
An industry-leading airline had been using a global cyber security brand to help solve their bot mitigation traffic challenges, when it became apparent that the techniques used were failing to mitigate the re-emergence of sophisticated and persistent bots to the detriment of legitimate users. The Netacea team collaborated with the airline to define a solution that tackled the immediate problem, would adapt to mitigate changing threat behaviour and would evolve in-line with the company’s growth.
Intent Analytics immediately reduced the amount of manual password resets the airline needs to perform on customer accounts, lowered excess infrastructure costs incurred to accommodate bot traffic and reassured the airline that their assets are secure.
Why Choose The Netacea Approach?
At Netacea we take the information at hand and apply a solution that is sophisticated, agile and scalable, to protect all web-facing applications including websites, mobile apps and APIs
We tailor our approach and the technology to your requirements, with a dedicated team of “human-in-the-loop” data scientists constantly refining and tuning algorithms to meet your specific requirements as well as adding context to threats and automated traffic anomalies.
Machine Learning Powered by Intent Analytics
Netacea understands bot behaviour better than anyone else, thanks to our pioneering approach to detection and mitigation. We focus on what the bots are doing (not how they’re doing it), so malicious bots are hunted out and genuine users are always prioritised. Welcome to a new era of bot mitigation.