Kasada has updated its bot defense platform to add hundreds of sensors and machine learning algorithms that detect, in real-time, code that might otherwise bypass legacy approaches to detecting machine-generated traffic rather than that generated by an actual person.
Bots are widely employed for both nefarious and legitimate purposes, but regardless of the use case, they consume IT infrastructure resources that organizations would prefer to service traffic generated by actual end users. In many instances, cybercriminals are employing bots to launch everything from credential stuffing to distributed denial-of-service (DDoS) attacks.
Kasada CEO Sam Crowther said as bots using modern programming techniques have evolved, legacy detection platforms have not been able to keep pace with the evasion techniques that have become more advanced. Legacy platforms are now easily tricked by bots using fake data to “prove” they’re human in ways that defeat existing anti-bot systems and CAPTCHAs, he noted.
The Kasada platform addresses that issue by analyzing client code to discover and block bot traffic without impacting the user experience, added Crowther.
In addition, the Kasada service now provides detailed classification of traffic, drilldown and filtering capabilities and up to 12 months of data retention. Seamless integrations with any content delivery network (CDN) are also provided to eliminate customization or any need to train AI models.
Bots are driving a massive percentage of internet traffic to scrape data for web sites that are used, for example, on social media sites or to create a price comparison service to malicious networks set up by cybercriminal syndicates that have managed to compromise millions of endpoints. Regardless of purpose, most organizations invest in web applications to serve individuals, so bot traffic generally increases the total cost of IT in a way that provides little to no business value to an organization that built and deployed a website to host applications.
There’s little doubt that the builders of bots will be leveraging artificial intelligence (AI) to create more sophisticated platforms that will be increasingly difficult to detect without the aid of machine learning algorithms. In effect, providers of platforms for mitigating bot traffic, such as Kasada, are engaged in an AI arms race, so cybersecurity teams should pay close attention to the research and development efforts that providers of bot mitigation platforms are making on their behalf. It’s not clear how quickly providers of existing bot traffic mitigation platforms will be leveraging various forms of AI to reduce bot traffic, but to remain effective, most of them will in time. Each organization will need to determine to what degree they are comfortable waiting for those updates to be made versus opting to rely on a different service.
In the meantime, the percentage of traffic on the internet that is generated by bots is only going to increase. Organizations that don’t mitigate that traffic will find the total cost of IT is only going to rise as more compute resources are consumed serving it. Regardless of approach, IT organizations should assume that most bot traffic is not especially beneficial.
Recent Articles By Author