Bot Defense
Moving from Threat Hunting to Threat Catching
The goal of a Threat Hunter is to find an attacker in the middle of an attack before they can cause damage. This entails hunting through thousands of requests trying to pick ...
Tales from the Front Lines: Large Retailer Achieves Near Immediate Time-to-Value
One of our newest customers is a large, community-based retailer that had a mobile application and API account takeover problem. Roughly 12 months ago, they selected a JavaScript and SDK-based bot mitigation ...
Get Ready— It’s Almost Bots Attack Week!
All next week, experts from Cequence Security will be sharing key threat research findings and best-practice recommendations for protecting your organization from threats such as API abuse, account takeovers, fake account creation ...
Tales from the Front Lines: Maintaining Detection Efficacy (and Your Cool) in the Summer Heat
In a previous blog, I talked about how the Covid-19 pandemic lockdown had corresponded to an increase in attack intensity. Since then, different parts of the country have begun to reopen, and ...
Help! There’s an OpenBullet Attack Config for Our Site – What Should we Do?
Thinly veiled as a web testing tool, OpenBullet is a commonly used attack management toolkit that allows a bad actor to create and execute automated account takeovers and other types of attacks. Complete ...
Looking for a Silver Tail Replacement?
When RSA Security announced end-of-life (EOL) for Silver Tail, a popular fraud prevention product, they left a lot of customers scrambling to find an alternative. If you find yourself looking for a ...
Tales from the Front Lines: Attackers Target APIs with GET-Based ATOs
This blog will describe how account takeovers (ATO) can be executed against APIs using GET methods, as opposed to POST. It’s an excellent example of how bad actors will analyze an application ...
Tales from the Frontlines: Increasingly Sophisticated Cat and Mouse Games
The last Tales from the Frontlines post focused on a single customer and the attack volume increase they experienced following the COVID-19 lockdown. In this installment, we will look at the increasingly ...
Tales from the Front Lines: Why Simple Attacks Like Content Scraping are the Hardest to Block
Of all of the automated business logic abuse attacks, the simple act of copying and pasting content from one web page to another is the most difficult for any technology to stop ...
Simplifying Bot Prevention with CDN Integration
Nearly every customer we speak with is in the process of executing a cloud migration initiative. In many cases, the cloud means first looking into SaaS as the deployment option for a ...

