Websites are built to offer information and services for human consumption. However, it is not only people who visit websites. Many automated software programs, also known as bots, also visit websites, sometimes with far greater frequency than humans do. These bots visit websites with different purposes. While some are "good bots" – for example, search engine crawlers, which benefit your website by indexing your pages – there are also malicious "bad bots" that can cause havoc. Such bots can compromise user accounts, scrape content and data, generate false reports, and slow down websites by visiting the pages too frequently.
Our Bot Defense feature is an upgrade to the Security Suite, and leverages our client-cloud architecture to categorize bots as either beneficial or malicious. Our unique technology enables us to identify malicious bots, and mitigate any detrimental impact they potentially make before they reach your origin servers.
How it works
In the cloud service, when we receive requests for protected web resources, we look for this encrypted telemetry and send it to the Bot Defense service, which decrypts, analyzes, and consolidates it into a user-understandable signal, and passes this info to our service. The info is routed to the configurable security rules engine, which has a set of rules to check the request against (for example, if no Nanovisor is detected this might indicate that the request came from a bot; or if the cookie timestamp was outside some number of seconds this might indicate the request had been copied and was being replayed; etc.). These rules allow the the rule engine to decide whether to pass the request on to the origin, create a log event, or block the request.
If you are interested in the Bot Defense upgrade, please contact your Instart account representative.