- 02 Nov 2023
- Print
- DarkLight
Overview
- Updated on 02 Nov 2023
- Print
- DarkLight
HUMAN Bot Defender overview
HUMAN Bot Defender is a behavior-based bot management solution that protects your web and mobile applications and APIs from automated attacks, safeguarding your online revenue, competitive edge and brand reputation.
Benefits
HUMAN Technology Platform Works With Your Existing Infrastructure
Bot Defender can be deployed anywhere with your existing infrastructure — no changes required. HUMAN Technology Platform can be integrated into any website within minutes. Over forty pre-built integrations support a wide range of content delivery networks (CDNs), load balancers, web servers and application servers. The out-of-band mode of operation is compatible with any cloud-based, appliance-based or serverless infrastructure.
Best-in-class Bot Protection for Your Web Apps, Mobile Apps and APIs
Safeguard your business with industry-leading bot detection accuracy and customizable mitigation for web and mobile applications and APIs. Bot Defender uses a combination of fingerprinting, behavior-based and predictive methods to detect bots and stop hyper-distributed attacks.
Block and Mitigate Bots with Unmatched Precision
The machine-learning-based HUMAN detector processes numerous data signals collected by the HUMAN sensor. The detector generates behavioral fingerprints to detect anomalies and continuously updates the sensor with new intelligence. The HUMAN enforcer is integrated inline with existing infrastructure to efficiently mitigate unwanted bot traffic based on the insights provided by the system and according to your business needs.
Preserve Page Load Performance and Minimize User Friction
Bot Defender preserves your real users' experience without sacrificing page load performance. The asynchronous execution of the sensor, out-of-band detector deployment, inline integration of the enforcer and extremely low false-positive rates ensure quick response times and a positive experience for your users.
Enable Your Team to Investigate, Analyze and Report
Bot Defender provides advanced investigation, analysis and reporting capabilities, enabling customization of parameters and policies according to your business needs.
Stay Secure with Always-available Proactive Experts
Our 24/7/365 proactive security team is always available via multiple channels, including email, phone and Slack. They function as an extension of your team, investigating and resolving security incidents with insights and expertise you can count on.
Architecture
The HUMAN Bot Defender architecture is based on the following three elements:
HUMAN Sensor
HUMAN JavaScript snippet is inserted on your website and loads the HUMAN Sensor to your browser. The Sensor collects and sends data to analyze the user’s and device’s behavior as well as different network activities. The sensor analyzes the authenticity of the device and application, and tracks user behavior and interaction.
HUMAN Detector
The cloud-based detector evaluates sensor and enforcer data in real-time using machine learning and behavioral analytics to create a risk score. The risk score identifies whether a user is malicious or not and is sent in a secure and encrypted token back to the user’s device.
HUMAN Enforcer
A lightweight module that is installed on your choice of web application, load balancer or CDN and is responsible for the enforcement functionality of the HUMAN solution.
How the blocking works
For each activity on the HUMAN Enforcer, an async request is sent to the HUMAN Detector. The HUMAN Detector, in turn, sends a command to the HUMAN Enforcer.
The command arrives via a cookie, or in the absence of one, as a synchronous s2s request (similarly to cases such as cookie expired, cookie validation/decryption failed, sensitive route, etc.)
The command contains the appropriate course of action (allow, block, challenge, etc)