DataDome Featured in Gartner’s Hype Cycle for Application Security, 2023
DataDome has been identified as a Sample Vendor of Bot Management in Gartner’s Hype Cycle for Application Security, 2023 report.
Hype Cycles are a graphic representation of the maturity and adoption of technologies and applications, and how potentially relevant they are to solving real business problems and exploiting new opportunities, published to help Gartner’s clients prioritize technology investments.
Important Notes About Bot Management
In the report, Gartner emphasizes the rise of “hu-bot” attacks, a combination of specialized bots with human-operated, fraud-farm services (such as CAPTCHA farms). Avoiding the damage of hu-bot threats requires ever-improving detection and response solutions.
Impact for Online Businesses
Enterprise leaders are increasingly recognizing that bot management crosses multiple use cases and business units. Malicious bots can negatively impact user experience (UX) by causing slower page load times, hoarding inventory, and facilitating account takeover (ATO) via credential stuffing and credential cracking.
However, legacy CAPTCHA tools (e.g. reCAPTCHA) can also degrade UX, hinder privacy compliance, and can be easily solved by bots and hu-bots, which drives further interest in bot management solutions that have minimal impact on human users. Advanced solutions can identify malicious bots and preserve the UX of legitimate users and authorized bots, such as search engine crawlers, automated testing, monitoring software, robotic process automation (RPA), and other machine-to-machine (M2M) communication.
Obstacles to Adequate Protection
For business leaders, the fear of blocking a single legitimate user is sometimes higher than the perception of the damage being caused by malicious bots. Concerns persist that many bot management vendors use CAPTCHA too frequently.
DataDome Tip: This can be solved by deploying a solution with a strong feedback loop to maintain a low false positive rate (like our industry-beating false positive rate of less than 0.01%).
Bundled offerings from some web application and API protection (WAAP) providers create difficulties when they justify bot management only for some applications, or to protect certain key application features like login pages.
DataDome Tip: The best approach is to implement complete protection that safeguards and analyzes every request across all endpoints.
A misconception among B2C mega brands is that no single bot management solution can mitigate all types of bot attacks, leading to some organizations relying on multiple vendors to mitigate the broadest spectrum of attacks. This can become overly complex and difficult to manage.
DataDome Tip: Ensure any bot and fraud protection you deploy is comprehensive, thorough, and offers a vast selection of easy integrations to protect you on any infrastructure.
4 Recommendations for Online Enterprises
- Assess the threat level to your business assets and the impact caused by bots, starting with the most business-critical and most exposed web applications and APIs.
- Evaluate the capabilities of any bot management tools that come with your WAAP or CDN platform. If the tools do not meet your requirements, evaluate advanced solutions.
- Select solutions that use various techniques to detect malicious bots, rather than relying primarily on IP reputation or attack signatures to identify “known bad” sources.
- Gauge the tool’s dependence on a siloed CAPTCHA challenge, ability to assess false positives, and what that CAPTCHA experience looks like. Ensure your customer UX is not negatively impacted. Reject any approach relying on mandatory CAPTCHA solving.
Assess Your Application Security Free With DataDome
Identified as a representative vendor in the Hype Cycle, DataDome protects websites, mobile applications, and APIs against malicious bots and online fraud on any infrastructure. To see the attacks targeting your platform in real time, start your free trial to access your threat dashboard now.
Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
*** This is a Security Bloggers Network syndicated blog from DataDome Blog – DataDome authored by DataDome. Read the original post at: https://datadome.co/bot-management-protection/datadome-featured-in-gartners-hype-cycle-for-application-security-2023/
