Bot Management, Mitigation, and Protection

TL;DR: Half of all internet traffic is Bots. There are good and bad bots and it is important to be able to manage all bot traffic, mitigating the risk posed by bad bots so you can protect your customers and your business.

What is Bot Management?

Bot management is the practice of knowing how bots impact your business and understanding their intent so you can better manage all bot activity. After all, there are “good” bots and “bad” bots. The “good” bots are the ones we rely on—like bots that search for and find things on the internet or chatbots that drive improved customer experiences. Then there are “bad” bots—ones that hoard resources, perform account takeovers and credential stuffing, launch DDoS attacks, steal intellectual property or impact your business intelligence.

As a reminder, bot threats are often defined as any automated misuse of functionality or action that adversely affects web apps. Therefore, it’s important to keep in mind that the bot itself isn’t the true culprit, it’s the bot operator.

Watch Now: What are Bots?

Being able to manage all bots effectively will require separating the good from the bad. This is where bot mitigation comes into play—that is, identifying, blocking and mitigating the unwanted or malicious bot traffic that hits your network so you can reduce your risk.

What is Bot Mitigation?

Bot mitigation is far more than just identifying your bot traffic; rather it is about identifying and blocking unwanted bot traffic. Furthermore, bot mitigation boils down to reducing the risk of a bot-related threat.

Why Bot Mitigation is Critical

Majority of threats in any environment start with bots or botnets—they help cybercriminals achieve scale. Every kind of online interaction—website visits, API calls to mobile apps, and others—is being attacked by bots. Equally important, bots are also messing with business intelligence (BI).

These are the Top Business Impacts of Bad Bots:

Negatively Affects SEO – Web-scraping bots can copy and extract copyrighted or trademarked data from websites and reuse it—often for competitive purposes—on other websites. Because there are two versions of the content online, this can greatly diminish your site’s search authority.
Deteriorates Customer Trust – Bots can fill your customers’ inboxes with unwanted email containing malicious links, write fake product reviews, create fake social media accounts to write false or biased content, inflate views or follower counts, write provocative comments online to stir up controversy, rig votes, and more. These types of activities can frustrate customers, drive them away from your site, and ruin your reputation.
Skews Analytics – Attackers can use botnets to launch DDoS attacks that make an application or network unavailable. which can affect traffic metrics. In addition, bots can create non-existent leads by creating and then abandoning online shopping carts on an e-commerce site. The poor metrics that result can lead to poor marketing decisions later.
Destroys Advertising ROI – Bots can commit click fraud by automatically clicking on an ad. This skews data reported to advertisers, and costs companies a lot of money because they end up paying for non-human clicks. Even worse, those companies get no revenue from fake “shoppers.” Click fraud can also be used by companies to deliberately drive up the advertising costs of their competitors.
Loss of Revenue – Malicious bots can negatively impact the bottom line, whether it be from an unresponsive or flagged website; visitors redirected to a competitor; sales personnel chasing false opportunities/leads; paying more for clicked ads; or simply making poor business decisions based on bad data.

As bot technology and influencing factors such as machine learning and AI continue to evolve, so will the threats they pose. That’s why it’s critical, when looking at your overall security strategy, that you consider how you will filter out unwanted automated traffic and mitigate malicious bots in general.

How to Reduce Your Bot Risk

Preparing your organization to deal with the impact of bots will help ensure your Intellectual Property, customer data and critical backend services are protected from automated attacks. The best way to mitigate bot threats is to target the attack tool itself and adopt a layered security approach to manage changing attack vectors. While traditional IP intelligence and reputation-based filtering can help here, these technologies need to evolve to keep pace with smarter and smarter bots.

Here’s some steps you can take:

Add a focused Bot Protection solution to your security portfolio—one that extends the protections of your WAF technology.
Ensure your WAF can reduce and block unwanted traffic with capabilities such as proactive bot defense, headless browser detection, form and field-level encryption, layer 7 DoS mitigation, input sanitization, and behavioral analysis.
Move to fingerprinting to identify beyond IP addresses.
Use identity and reputation to help classify and prioritize bot vs. human traffic.
Create bot “acceptable use” policies to make it easier to interact with and service the good bots
Review and bolster business process to more efficiently deal with fraud-related problems—this makes your organization more secure and encourages fraudsters to choose easier targets.
Employ actionable threat intelligence to determine the likelihood of being attacked and prioritize your response.
Use traffic management tools that employ machine learning such as your WAF to quickly build and implement mitigations that help you address new and evolving threats.

Adopt a Bot Protection Solution to Manage and Mitigate Bot Threats

A Bot Protection solution should address technical and business challenges that bots create:

Proactively mitigate Your Bot Risk
Protect your applications from automated attacks like account takeover, vulnerability reconnaissance, or denial of service.
Optimize Business Intelligence
Eliminate unwanted bot traffic that skews your legitimate BI data. Focus your time and resources on real customer engagement.
Improve Performance, Availability, and Cost
By dropping malicious or unwanted traffic before it hits your applications, you can have a smaller and more predictable size of your applications’ supporting infrastructure.

F5 Provides Industry-Leading Bot Protection

F5 Bot Protection delivers proactive, multi-layered security that blocks and drops bad bot traffic before it can hit your network, mitigating bots that perform account takeovers, vulnerability reconnaissance and denial of service attacks targeted at your network or app layer. Automated threats require automated defenses.

More info:

https://www.f5.com/solutions/application-security/bot-management

RAPPORT 2019 SUR L'ÉTAT DES SERVICES APPLICATIFS : LES DÉFIS DU MULTICLOUD SONT RÉELS

Vous avez des questions ? AskF5.

Devenez partenaire F5 Unity

Quelles sont les dernières réflexions de F5 ?