Post on 14-Apr-2017
The First Easy and Accurate Way to Defend Websites Against Malicious Bots.
Distil Networks 2015 Bad Bot Report 5 high-risk lessons
Rami EssaidCEO & Co-Founder
Craig SpiezlePresident
Fortune 500 & Alexa Global 10,000 CustomersEcommerce
Travel
Publishers
Directories
Traditional Media
Marketplace
Services + Retail
Market Leader in Bot Detection and Mitigation
○ Only bot detection vendor to be included in Gartner’s 2015 Online Fraud Detection Market Guide
○ Key Attack Trend: “Fraudsters spreading their attacks over thousands of IP addresses”
○ Key Inclusion Criteria: “Ability to detect online fraud as transactions occur in real time or near real time”
○ Interesting to note: No WAF vendors in this report (as their detection model is primarily rules-based)
Purpose Built Solution, Not a Feature
Bot Detection is a New Category, NOT a Feature○ NOT a Content Delivery Service (CDN)
○ NOT a Distributed Denial of Service (DDoS) protection solution
○ NOT a simple IP list or set of scripts
○ NOT a Web Application Firewall (WAF)
A purpose built bot detection solution is always updating and evolving
How Companies Benefit from Distil Networks
Increase insight & control over human, good bot & bad bot
traffic
Block 99.9% of malicious bots without impacting legitimate
users
Slash the high tax bots place on internal
teams & web infrastructure
Protect data from web scrapers,
unauthorized aggregators & hackers
The World’s Most Accurate Bot Detection System
Inline FingerprintingAnalyzes over 40 bits of information from each client request. Fingerprints stick to the bot even if it attempts to reconnect from random IP addresses or hide behind an anonymous proxy Known Violators DatabaseReal-time updates from the world’s largest Known Violators Database, which is based on the collective intelligence of all Distil-protected sites
Behavioral Modeling and Machine Learning Machine-learning algorithms pinpoint behavioral anomalies specific to your site’s unique traffic patterns
The World’s Most Accurate Bot Detection System
Browser Automation Tool DetectionJavaScript Validation on the connection stream identifies browser automation tools
Advanced Rate LimitingSet rate limits such as pages per minute, pages per session, and session length
“Good Bot” Authentication Validate that good bot requests (Google, Bing, etc.) map to the correct user agent and IP range
501c3 Non-Profit - To enhance online trust, while promoting best practices, innovation and the vitality of the internet.
○ Goal to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users' security, privacy and identity.
○ OTA supports collaborative public-private partnerships, benchmark reporting, meaningful self-regulation and data stewardship.
OTA Mission, Goals & Values
About OTA
○ Infrastructure and Resiliency○ Advertisers and Publishers – Click fraud○ Fraud – contests, account sign up and
related forms of online abuse○ Content abuse and copyright violations○ Distribution of privacy and security
malware
The Impact of Bad Bots
The Magnitude of the Problem
Anti-Bot Ecosystem
2015 Bad Bot Landscape Report
Bad Bot, Good Bot and Human Traffic, 2014
2013 vs. 2014
Traffic by Size of Site
Know Your Numbers
High Risk Lesson #1
5 High Risk Lessons
Traffic by Type of Site
Understand Your Site-Specific Vulnerabilities
High Risk Lesson #2
5 High Risk Lessons
Worst Bad Bot Originators
Identify and Block Worst Offending Organizations
High Risk Lesson #3
5 High Risk Lessons
Mobile Bots Arrive in Droves
Bad Bot Self-Reported Browser, 2014 Actual Browser Usage, 2014
Worst Offending Mobile Carriers, Beware of China
Bad Bot Traffic as Percent of Overall Traffic, U.S., China and Rest of World
Protect Your Mobile Site High Risk Lesson #4
5 High Risk Lessons
Countries Originating Most Bad Bots & “Bad Bot GDP”
Countries Most Often Blocked
Geo-IP Fencing High Risk Lesson #4
5 High Risk Lessons
Simple, Average & Sophisticated Bots
Bot Sophistication Levels & Bots Mimicking Humans
Bot Sophistication Levels
Bot Mimicking Human Behavior
High Risk Lesson #5 WAFs are Not Enough
5 High Risk Lessons
A More Widely Dispersed Bad Bot Landscape
Bad Bot Traffic By Hour Countries Originating at Least 1% Bad Bot Traffic
Visualizing Bots on Your Website - Demo
www.distilnetworks.com/trial/Promo Code: SCMAG
Offer Ends May 31th
Two Months of Free Service + Traffic Analysis