Jul/Aug 19 - ChannelVision Magazine

And when there is a financial im- pact, people pay attention. Busi- nesses must allow the good bots, which help their business grow, while blocking the bad ones that can potentially cause harm. CV: Are most people aware of the threat that bad bots pose, or is education lacking in this space? RW: The industry has a long way to go with education, but what’s so interesting is that companies that understand the threats are acutely aware of both the overall threats and the impact to their businesses. We’ll often consult with busi- nesses that only care about one very specific bot problem. They know about the others, but there is a financial or operational impact to their business with one specific threat or nuisance. One of the best tools that we use at Radware to raise awareness in a customer environment is our free Bot Analyzer assessment. By analyzing historical webserver logs, Radware can assess bot traffic on the network and provide the cus- tomer with a detailed report of their bot traffic. Radware Bot Analyzer is a free service for businesses susceptible to bot activity and those who’d like to get a better knowledge of the impact of malicious bots on their organization. CV:Where are you seeing the most demand for bot management services right now? RW: Truly every vertical is dif- ferent, and each buys a bot man- agement solution for a different issue. Bad bots are present across nearly all industries and verticals. Some industries attract more bad bots than others. E-commerce, on- line marketplaces and classifieds, media and publishing, and real estate have the highest percentage of bad bot traffic. o EMERGENT Includes advanced detection techniques The rise of highly sophisticated humanlike bots in recent years requires advanced techniques in detection and response. Selection and evaluation criteria must examine the various methodologies that the vendor’s solution uses to detect bots, e.g., device and browser fingerprinting, intent and behavioral analyses, collective bot intelligence and threat research, as well as other foundational techniques. Is continuously adaptive to mitigate constantly changing threats An effective solution must include deep learning and self-optimizing capabilities to identify and block consistently evolving bots that alter their characteristics to evade detection. Make sure that the solution you choose can match the deception capabilities of these sophisticated bots. Ask for examples of sophisticated attacks that the solution was able to detect and block. Can detect all four generations of web bots The four current generations of bots each require different approaches to mitigation. Earlier generations can be defeated with techniques such as blacklists, fingerprinting, java script, etc. But modern bots extend their capabilities beyond scripts and headless browsers. Humanlike bots and advanced distributed bots require complex user behavioral analysis, where a bot’s intent can be understood and neutralized if needed. Includes robust automated response capabilities It’s important to choose a solution that offers multiple response mechanisms to bot traffic. Look for options that include not only blocking but also limiting, custom actions based on threat identification and even serving fake data to the bot. Flexibility in deployment Every single network is different. Choose a provider that can deploy exactly the way you need it. A bot-mitigation solution should provide easy and seamless deployability without infrastructure changes or the risk of rerouting traffic. Does your architecture require an in-line solution or something out-of-path? Do you want it to detect and mitigate or only detect and notify? Be sure to look for options that can be standalone or integrated with a WAF for complete coverage. Clean, feature-rich reporting for optimal visibility Reporting is a critical aspect of any tool. Having access to granular reports can be crucial, yet too much information also can hide what you’re looking for. Choose a solution with clean, easy to understand reporting, which can also present granular detail when you want it to. Look for additional integration with popular analytics platforms such as Adobe or Google Analytics to provide reports on non-human traffic. Adherence to data security practices, privacy and compliance factors For many organizations, their application and the data it supports is among their most valued assets. A bot mitigation solution should ensure that traffic does not leave a network — or in case it does, data should be in an encrypted and hashed format to maximize privacy and compliance. Ensuring that the bot-mitigation solution is compliant with the GDPR regulations pertaining to data at rest and data in transit will help to avoid personal data breaches and the risk of financial and legal penalties. Criteria for Choosing a Bot Management Solution According to Winward, navigating bot management solutions can be a daunting task. To help, Windward offered the following checklist that agents can use to identify the best solution for a customer’s environment. 16 Channel Vision | July - August, 2019