Three Questions to Consider When Evaluating Your CDN Provider's Bot Solution


Introduction

When looking for the right bot management solution, technology leaders know that it’s important to really dig in and evaluate what best fits their business. Some companies have made the mistake of committing their entire bot management strategy to a content delivery network (CDN) provider, not realizing what this decision really means from an accuracy and cost standpoint, or for flexibility in the future.

A CDN is designed to provide optimized delivery of content through a geographically distributed group of servers that work together. It provides high application availability and performance by reducing the physical distance, and thus the latency, between the server and the user requesting content. CDN is an umbrella term spanning different types of content delivery services, which can also cross over into the security realm.

Many CDN providers tack on security solutions like distributed denial of service (DDoS) protection and web application firewalls (WAF). These solutions are often positioned as bot management capabilities. While these products work well to stop volumetric attacks like DDoS and provide basic filtering capabilities, they fall short when it comes to stopping sophisticated bots that target business logic and attempt attacks such as account takeover, fake account creation, carding, gift card fraud, online scalping and web scraping. Sophisticated bots that attack business logic require a different approach: a purpose-built solution to block them. Here are three questions to consider when evaluating the right bot solution for your business.

Is Good Enough Good Enough?

If you’re looking to stop volumetric attacks like DDoS and block simple botnets, a CDN or a WAF may be sufficient. These solutions give you the basic tools necessary to respond to bot attacks after the fact by manually configuring rule sets. While this may be effective in stopping simple bots, persistent attackers can quickly work around these simple defenses by using more sophisticated techniques like varying device fingerprints or mimicking human behavior. Business logic attacks like carding, scraping, credential stuffing, fake account creation and inventory hoarding are especially hard to stop using just DDoS and WAF capabilities. These attacks can be highly distributed and fly low and slow, under the radar of most WAFs and DDoS detection engines. Another important consideration is the accuracy of detection, an area where these basic tools fall short. False positives cause frustration and increase support costs, while false negatives lower your operational efficiency and burn your team’s time chasing down the bots that got through but shouldn’t have.

If you want the ability to stop a broad spectrum of bot attacks, consider a modern purpose-built bot management solution that can effectively combat bot attacks of varying sophistication, including the low and slow attacks that target your business logic. By combining fingerprinting, behavior-based and predictive detection methods, such solutions can protect your web and mobile applications as well as API endpoints with high levels of accuracy. Your teams can then focus on more value-added activities such as helping your business grow.
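As an added illustration of the "low and slow" point in this section (example code written here, not code from the page or from PerimeterX): a per-IP rate rule of the kind a manually configured WAF rule set expresses, beside a campaign-level view that looks at how many distinct sources are failing logins against how many distinct accounts, both run over constructed log lines. The log format, thresholds and IP addresses are assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample log lines (not real traffic): "epoch_seconds ip path status account".
# Low-and-slow campaign: 20 client IPs, each making only 2 failed logins against
# different accounts over an hour, mixed with a few legitimate users.
SAMPLE_LOG = [f"{3600 + i * 170} 198.51.100.{i} /login 401 user{2 * i}" for i in range(20)]
SAMPLE_LOG += [f"{3660 + i * 170} 198.51.100.{i} /login 401 user{2 * i + 1}" for i in range(20)]
SAMPLE_LOG += ["3700 203.0.113.7 /login 200 alice", "3900 203.0.113.8 /login 401 bob",
               "3960 203.0.113.8 /login 200 bob"]

def parse(lines):
    # Each line becomes (timestamp, ip, path, status, account).
    return [(int(t), ip, p, int(s), a) for t, ip, p, s, a in (line.split() for line in lines)]

def per_ip_rate_rule(events, window=600, threshold=10):
    """WAF-style rule: flag an IP sending more than `threshold` login requests in
    any `window`-second sliding window. Returns the set of flagged IPs."""
    by_ip = defaultdict(list)
    for ts, ip, path, _, _ in events:
        if path == "/login":
            by_ip[ip].append(ts)
    flagged = set()
    for ip, times in by_ip.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            if end - start + 1 > threshold:
                flagged.add(ip)
                break
    return flagged

def campaign_detector(events, window=3600, min_ips=10, min_fail_ratio=0.8):
    """Behaviour-level view per window: how many distinct sources fail logins against
    how many distinct accounts. Many low-rate sources with a high failure ratio is
    the distributed pattern a per-IP threshold never sees."""
    buckets = defaultdict(list)
    for ev in events:
        if ev[2] == "/login":
            buckets[ev[0] // window].append(ev)
    results = {}
    for bucket, evs in buckets.items():
        failed = [e for e in evs if e[3] == 401]
        fail_ratio = len(failed) / len(evs)
        ips, accounts = {e[1] for e in failed}, {e[4] for e in failed}
        results[bucket] = {"distinct_failing_ips": len(ips), "targeted_accounts": len(accounts),
                           "fail_ratio": round(fail_ratio, 2),
                           "suspicious": len(ips) >= min_ips and fail_ratio >= min_fail_ratio}
    return results
```

On the sample data the per-IP rule flags nothing, because no single address ever exceeds two requests, while the campaign view reports 21 failing sources against 41 accounts with a 95% failure ratio in the same hour.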

What is the Real Cost of Add-on Services?

Companies should be cautious anytime a vendor sells a two-tiered offering of their bot solution with packages such as basic and premier. The basic version of the product might be cheaper, but the ongoing service fees to tune it, add rule sets and build integrations could continue to nibble away at your budget for years. If you’re unsure whether a basic solution will cover your needs, it’s easy to be convinced to purchase a solution that includes additional security and professional services. Make sure you ask questions about the tiered approach. If it exists to supplement technology that is not highly accurate, you might want to consider an alternate vendor.

To steer clear of a solution that adds the burden of professional services costs or more employees to tune and manage it, you’ll want to consider an automated and highly accurate solution that defends against a full range of bot attacks, both known and unknown. The solution should provide a combination of fingerprinting, behavior-based and predictive methods to detect bots and stop hyper-distributed attacks with high accuracy. This will ensure fewer false positives. An ideal solution will have hundreds of machine learning algorithms and models that will continuously learn new bot behaviors.

A solution with a comprehensive and automated approach can enable you to stay on top of potential threats from all bot types and relieve the pressures on your existing team. An ideal solution will help you save on resources by automating the detection of business logic abuse threats.

Are You Locking Yourself In?

Content delivery architectures evolve, and over time you may find yourself wanting to switch, or managing multiple environments due to acquisitions or consolidation. A bot management solution that is tied to your CDN could leave portions of your infrastructure, such as the origin servers or staging environments, exposed. It could also fragment your threat detection by providing only a partial view of bot traffic, pushing more of the threat response burden onto your teams. Using a general-purpose vendor for both CDN and bot management capabilities means that your ability to take advantage of newer delivery architectures is constrained, which limits your bot management efficacy.

If you want the ability to use best-of-breed security solutions, it is important to choose a bot management vendor and a CDN vendor that allow you to mix and match as your business and architecture needs change. This will ensure that you can evolve and scale your application delivery architectures in accordance with your business requirements. It will also ensure that your bot management solution is deployed and effective across your hybrid environment. A top-tier bot management solution that is flexible enough to integrate with multiple components of your application delivery architecture, including all the leading CDNs, load balancers, web and application servers, as well as other components critical to the customer journey such as identity management services, will lead to higher levels of accuracy, less manual intervention and a better customer experience. This approach gives you the maximum flexibility, avoids vendor lock-in and enables your application delivery architecture to scale according to the needs of the business.

Conclusion

Based on your answers to these questions, it might be time to consider a sophisticated bot management solution that gives you flexibility and better fits your business needs.

PerimeterX Bot Defender is a behavior-based bot management solution that protects your websites, mobile applications and APIs from automated attacks, safeguarding your online revenue, reducing the risk of data breaches and improving operational efficiency.

The cloud-native PerimeterX Platform integrates into your existing infrastructure and automatically scales to meet demand. No changes or migration are required. The platform has over forty pre-built PerimeterX Enforcer integrations that support a wide range of CDNs, load balancers, web servers and application servers. The out-of-band mode of operation is compatible with any cloud-based, appliance-based or serverless infrastructure.

PerimeterX was recognized as a leader in The Forrester New Wave™: Bot Management, Q1 2020 report, which evaluated 13 vendors in the bot management market on criteria related to product offerings and business strategy. PerimeterX received differentiated ratings, the highest ratings possible, in the attack detection, attack response, threat research, feedback loops, performance metrics, vision, roadmap and market approach criteria. According to the report, PerimeterX “leads the pack with robust machine learning and attack response capabilities” and quotes a customer stating PerimeterX Bot Defender “was extremely easy to deploy in production and maintain.”

As you go through your evaluation process, PerimeterX is here to help you. We are so confident in our solution, PerimeterX Bot Defender, that for new customers, we are willing to buy out the remaining term for your current bot management solution, for a period of up to 90 days. Interested? Contact us here to get the process started.
