Bots aren't always execute DoS attack to application. They can execute scraping, scalping, skewing, sniping and etc. These attack aren't always connected with high-rate traffic, like mostly in case of DoS. Also, it is good to have functionality to classify bots as good or bad. That is why ASM has these two different solutions: DoS Protection and Bot Defense.