Bot Management Strategy - Defense against malicious bots with F5 Distributed Cloud Bot Defense

In Part 3, I will explore how you can defense against malicious bots with F5 Distributed Cloud Bot Defense. Please refer below for Part 1 and Part 2.

Part 1 - Governance and Automation - Distributed Apps for Hybrid Cloud Architecture

Part 2 - API Security Strategy - Discover and map APIs, block unwanted connection and prevent data leakage

Defense against malicious bots with F5 Distributed Cloud Bot Defense

Bot are becoming prevalent and its everywhere in the digital economy. Its multiplying. Bots causes harm across organization. It impacts beyond security. It has significant impact on the business. Today, I am going to share how you can defense against malicious bots and ensure a safe, fast and seamless user experience.

According to Statista research on distribution of bot and human web traffic worldwide (2014 – 2021), approx. 43% of Internet traffic are bot and out of this 43% bot traffic, about 28% are bad bot. Bot also becoming intelligent and smart. They can circumvent many bot detection technologies.

Bots are difficult to stop. Criminal often retool to bypass defenses, rapidly solving CAPTCHAs and mimicking human behaviour.

Bot management enables organizations to distinguish the good bots from the bad so they can identify and block unwanted and malicious bot traffic.

Does your organization have challenges caused by bot especially bad and malicious bod? or are you aware that your digital asset constantly being targeted by bots? Are you certain that you are not targeted by Bot? Do you have a strategy to assess, monitor and prevent the risk causes by Bot?

"Often than not, by the time organization realise they have a problem case by bot – especially those malicious bot, incident or fraud already happened."

Hence it is crucial for organization to have a strategy to monitor and prevent this malicious bot from happening. Having a good bot management strategy similar like having a good disaster prevention philosophy.

Bot management is the practice of knowing how bots impact your business and understanding their intent so you can respond appropriately to all incoming bot activity. Not all bots are “bad,” after all. The “good” bots are the ones we rely on—for example, search bots that help customers find what they’re looking for on the web, and chatbots that improve customer experiences. Bad bots are ones that hoard resources, perform account takeovers and credential stuffing, launch distributed denial-of-service (DDoS) attacks, and steal intellectual property or impact your business intelligence.

Bot mitigation boils down to reducing the risk of a bot-related threats and removing any unwanted bot traffic from your network. Bots are the driving force behind automated attacks—automation being the starting point for majority of today’s attacks. But that’s not all: bots also muddy business intelligence, which becomes a problem for the entire business. Therefore, it’s critical when looking at your overall security strategy to not only to consider how you will mitigate malicious bots but also to filter out unwanted bot traffic in general.

At F5, we define bot threats as any automated misuse of functionality or action that adversely affects web application. That’s why it’s important to keep in mind that the bot itself isn’t the true culprit: it’s the bot operator.

Here is the Arcadia application architecture setup for this showcase. This is the 3rd part of the series. This application was deployed via a CI/CD pipeline demonstrated in Part 1. Please refer to Part 1 for the deployment of this modern distributed application and Part 2 on how to discover and map APIs, block unwanted connection and prevent data leakage.

F5 Bot Defense stop malicious bot and attacker automation at the edge and allow legitimate user or good bot in. It is a Security as a Service hosted on F5 Distributed Cloud platform.

In this demo, I will show how and attacker can use automation to execute a brute force attack or automated testing of credential. Similar technique can be used for credential stuffing attack. According to F5 Labs 2021 Credential Stuffing report, 1.86 billion credentials were stolen in 2020. Credential stuffing basically a method used by attacker to gain unauthorize access to account by mean of automation and impersonate of a real customer. Attacker will use a list of compromised user credential to breach into a system. This compromised user credential can be source from darknet.

It is hard to detect this type of bot as the tools that it launched just an ordinary browser like a human does. F5 Distributed Cloud Bot Defense collect wide-variety of signals, including behavioural biometric from human interaction from key stroke, mouse click and movement and so on. By combining these signals, we are able to setup highly sophisticated policies with advance machine learning for determining if an end-user is in fact a bot.

Efficacy is crucial to distinctly identify a real human verses a bot. F5 Distributed Cloud Bot Defense provides high efficacy to address the problem and reduce customer frictions