Brute Force Attacks
One of the oldest forms of automated attacks is the brute force attack, where password discovery is attempted by trying all combinations of letters and numbers to gain access to an account. Brute Force attacks have become increasingly sophisticated and efficient, now more often using databases of known users and passwords stolen from various systems. Any web application, consumer or enterprise, with a public web interface and user login is at risk for a brute force attempt.
While volumetric limits can be set up to prevent a repetitive attack, attackers now spread attempts over hundreds of connections at a slow rate of speed to evade those limits. CAPTCHA is another recommendation to prevent automated attacks, having the user enter text or solve a problem to prove they are human. As the easier to solve CAPTCHA can be solved with automation, the CAPTCHA have become increasingly complex, potentially illegible, and ultimately not very user friendly.
PerimeterX Bot Defender’s behavioral fingerprinting can identify humans with very high accuracy. It allows customers a good experience without requiring a CAPTCHA, while at the same time blocking positively all automated attack attempts. Bot Defender can see and block an attack that is spread over multiple networks.