Crunchbase is the leading platform for professionals to discover innovative companies, connect with the people behind them, and pursue new opportunities. Over 50 million professionals — including entrepreneurs, investors, market researchers, and salespeople — trust Crunchbase to inform their business decisions. And companies all over the world rely on us to power their applications, making over a billion calls to our API each year.
Crunchbase is the premier source of business information on private and public companies. Customers rely on this business intelligence to fuel winning investments, partnerships and sales engagements. To protect the company’s margins and competitive standing, it is vital that the company’s security team effectively safeguards this online resource. On a continuous basis, the security team needs to guard against account takeover attacks and scraping.
Given the persistent threats to its data and site, the security team at the media company deployed a bot defense product from one of the established bot management vendors in the market. However, the team soon realized that the product’s false-positive rates were far too high.
This meant legitimate users were being flagged as malicious and blocked, which reflected poorly on the company and was frustrating to users. Exacerbating matters was the fact that the internal team had to spend an inordinate amount of time handling customer complaints, managing and remediating tickets and helping resolve access issues created from false positives.
In addition, users were encountering undesirable CAPTCHA technology used to block bots, which was proving problematic and frustrating. Many legitimate users were encountering issues with this functionality, increasing the rate of visitors having negative or subpar experiences when interacting with the site.
Consequently, it was vital for the company’s security team to implement an alternative bot defense solution, one that would offer strong safeguards against bots, while eliminating the false positives that were associated with the legacy system. The solution had to provide a high level of flexibility and granular control over user permissions and access. In addition, the solution had to offer operators the flexibility to bypass the platform completely in certain circumstances.
We can see the evidence of bot traffic in our logs all the time — and it’s clear this traffic is quite frequently suspect in nature.
The media company’s team needed a solution that would block bot traffic while ensuring authorized users received an optimal experience — so they turned to PerimeterX. PerimeterX Bot Defender is a powerful, accurate and proven bot management solution for detecting and mitigating bots. The solution employs behavior-based analytics to detect anomalies and prevent even the most sophisticated bot attacks.
PerimeterX offered a range of features that were optimally aligned with the team’s requirements:
Deployment Flexibility: The solution offered a deployment option that integrated with their existing gateway.
Flexible Control: This implementation approach gave them the control they needed to selectively enable traffic to bypass (as needed) bot blocking based on established parameters.
Improved Accuracy: Compared to their prior solution, PerimeterX offered much higher bot detection efficacy. The solution helped the team ensure bots were detected and blocked while enabling customers to gain the access they needed.
By implementing PerimeterX Bot Defender, the media company realized compelling benefits:
Enhanced Reliability: Authorized users can now consistently access the critical resources they need when they need them. Further, customers can have more confidence in the data accessed, knowing that bots are blocked from making any unauthorized modifications to data.
Improved User Experience: Now, users can more consistently enjoy optimal performance because bots aren’t consuming resources. For example, security team staff members noticed that a new bot started targeting the site with a huge wave of traffic, which ultimately could have placed a significant drain on resources and diminished the customer experience. In real-time, PerimeterX learned the pattern of the new bots and blocked immediately.
Improved Staff and Operational Efficiency: Internal support teams have been able to avoid all the time and effort associated with the prior tool’s false positives. The team dramatically cut the time they spend on following up with customers to fix erroneous access issues, as well as managing the tickets and remediation efforts associated with these issues.
I would absolutely recommend PerimeterX to any team that’s trying to battle bot traffic, quite simply, PerimeterX works as advertised. The solution is invaluable in stopping the bots that can scrape or compromise our data. At the same time, the solution minimizes the false positives that can frustrate site users, and waste our staff’s time and resources.
Using machine learning and behavior-based analytics, PerimeterX solutions detect and block automated bot attacks and client-side threats with unparalleled accuracy. Your online business is protected while preserving user experience and page response times.
PerimeterX is cloud-based and platform-agnostic. Using machine learning, we constantly update our library of attack patterns based on interactions with applications, fingerprints from devices and network characteristics to protect against the next new threat.
To keep watch over your web and mobile applications and APIs, PerimeterX functions as an extension of your team and provides responsive, best-in-class service and around-the-clock security analyst oversight.