Verizon DMS' Bot Mitigation from Paul Hobbs
- 1. The bot-mitigation solution offered by Verizon helped StubHub identify and block bots performing scraping and helped reduce transaction fraud and account takeovers. Marty Boss Senior Director, Technology Operations, StubHub 0 20 40 60 80 100 A powerful bot-mitigation solution for accurate web-application protection 19% of traffic are really bad bots causing problems A “bot” is an automated program that runs on the internet. Although many bots are designed to be helpful and useful, a rapidly growing number of bots are created with malicious purposes. These bad bots are created by hackers, unethical competitors and fraudsters who use them to exploit businesses in countless ways, including: scanning for vulnerabilities, stealing content, abusing account credentials, stealing personal data, and causing denial of service to your web applications. Verizon Digital Media Services’ bot-mitigation solution is integrated into our effective multi-layer defense approach. Its purpose is to address all bot problems included in the OWASP Automated Threat Handbook, plus defend against advanced, persistent bots that attack, abuse and exploit your web applications. Key benefits • Protect your web application by stopping bad bots • Secure your APIs against abuse, misuse and user errors • Obtain accurate analytics free of bad data generated by bots • Create great user experiences with fast web-application load times • Lower infrastructure costs by eliminating unnecessary bot traffic Bad bots 19% Good bots 27% Humans 54% Average website traffic distribution Verizon bot mitigation | Overview Skewed analytics Downtime Digital ad fraud API abuse Web scraping Security breach Spam Online fraud
- 2. Accurate protection Firewalls, WAFs and IDS systems were never designed to stop and manage the volume, variety and sophistication of today’s bots and botnets. The Verizon difference? Ease of use and accuracy. Our bot-mitigation solution features self-optimizing protection that blocks 99.9% of malicious bots without impacting legitimate users. Quickly fine-tune your own settings, and enjoy complete control over how you manage bots and use the service. White-glove support We provide a dedicated team of security analysts that fine-tunes your implementation and manages the bot- mitigation program on your behalf. This includes real-time threat detection and response and post-incident reporting, ensuring you stay one step ahead of your adversaries. Known Violators Database Real-time updates from the world’s largest Known Violators Database of bad bot Hi-Def fingerprints is based on the collective intelligence of all Verizon-protected sites. In addition, we curate real-time threat intelligence feeds from third-party fraud, spam, malware and proxy lists, all of which are updated and used to protect you in real time. Challenges and browser validation We validate that a browser is exactly what it claims to be, and through challenges and deep interrogation, we make sure the browser is being used by a human, not a bot. Even browser automation tools like Selenium and PhantomJS can’t escape our detection. Inline Hi-Def device fingerprinting This feature analyzes over 200 attributes of information from each client request. Hi-Def fingerprints stick to the bot even if it attempts to reconnect from random IP addresses or hide behind an anonymous proxy. Device-based rate limiting Rate limiting is based on our Hi-Def Fingerprints, not IP addresses. Predictive analytics show you how your traffic will be affected when dialing up or down rate limits, such as pages per minute, pages per session and session length. Universal access control list Save time creating whitelists and blacklists by using our Universal Access Control List. Quickly create a policy, then apply it to a specific domain, URL/path, API or across your entire account. API security Our API security tracks API clients and monitors acceptable usage, acting as an automatic shield against API hijacking, scraping and abuse. It’s also an insurance policy against developer errors and integration bugs. Behavioral modeling and machine learning Machine-learning algorithms pinpoint behavioral anomalies specific to your site’s unique traffic patterns. We also proactively predict a bot based on correlating dozens of dynamic classifications, which is in comparison to the reactive approach inherent in most Web Application Firewalls (WAFs). We also offer an enterprise WAF that boasts unprecedented agility, with rule updates that are applied globally in two to five minutes – up to 900 percent faster than comparable products. Edgecast Content Delivery Network Our enterprise CDN leverages a more efficient, centralized distribution architecture that’s optimized for today’s internet. We’ve built a highly interconnected global network, featuring massive bandwidth capacity and advanced caching and acceleration strategies. We also embrace best-in-class, open-source technologies and fast-routing IP Anycast technology for powerful, lightning-fast performance that spans the globe. Physical or virtual appliance Enjoy premium security out of the box thanks to: • Easily install on virtualized or bare metal appliance(s) • Seamlessly integrate with CDNs, load balancers and other network infrastructure • Automatically obtain new bad-bot fingerprints via a heartbeat up to the cloud Our multiple deployment options don’t require changes to your underlying web infrastructure and won’t impede current or future integrations. Why Verizon Digital Media Services Flexible deployment Contact us info@verizondigitalmedia.com 1.877.334.3236 www.verizondigitalmedia.com Trustedbytheworld’smostsuccessfulwebsites