Three Questions to Consider When Evaluating Your CDN Provider’s Bot Solution

Three Questions


When looking for the right bot management solution, technology leaders know that it’s important to really dig in and evaluate what best fits their business. Some companies have made the mistake of committing their entire bot management strategy to a content delivery network (CDN) provider, not realizing what this decision really means from an accuracy and cost standpoint, or for flexibility in the future.

A CDN is designed to provide optimized delivery of content through a geographically distributed group of servers that work together. It provides high application availability and performance, by reducing the physical distance, and thus the latency, between the server and the user requesting content. CDN is an umbrella term spanning different types of content delivery services which can also crossover into the security realm.

Many CDN providers tack on security solutions like distributed denial of services (DDoS) protection and web application firewalls (WAF). These solutions are often positioned as bot management capabilities. While these products work well to stop volumetric attacks like DDoS and provide basic filtering capabilities, they fall short when it comes to stopping sophisticated bots that target business logic and attempt attacks such as account takeover, fake account creation, carding, gift card fraud, online scalping and web scraping. Sophisticated bots that attack business logic require a different approach: a purpose built solution to block them. Here are three questions to consider when evaluating the right bot solution for your business.

Is Good Enough Good Enough?

If you’re looking to stop volumetric attacks like DDoS and block simple botnets, a CDN or a WAF may be sufficient. These solutions give you the basic tools necessary to respond to bot attacks after-the-fact by manually configuring rule sets. While this may be effective in stopping simple bots, persistent attackers can quickly work around these simple (Read more...)

*** This is a Security Bloggers Network syndicated blog from PerimeterX Blog authored by PerimeterX Blog. Read the original post at: