Bots (nonhuman automated tools) are growing in popularity and create a real threat to websites and applications. Bots are ideal workers for repetitive and complex tasks and can easily and efficiently run on different hosts and cloud services—or as malware on infected machines. Bots are participating in different types of attacks impacting all types of applications and businesses—performing the entire scale of attacks from scraping, account abuse (account creation or account takeover), credit card and coupon guessing, application layer distributed denial of service (L7 DDoS), scalping, and click fraud. Bots range in complexity and abilities from simple scripts to full browser-based tools that can render complex pages and even solve CAPTCHA challenges.
Ido Safruti and Chris Federico review how bots work, explain how to operate a few common bots, and, most importantly, show what you can do to detect and block malicious activity while enabling your users and good bots to work uninterrupted. In order to detect and protect from different bots, Ido and Chris first introduce a few common bots used by attackers, like PhantomJS and Selenium, to create a testing environment and verify that we can efficiently detect such tools.
Then Ido and Chris explore a variety of techniques and open source tools and libraries you can use in order to detect different bots and outline the things to consider when you suspect a request is being originated by a bot, such as:
Ido Safruti is the cofounder and CTO at PerimeterX, which is building a behavior-based web security service. Previously, Ido headed a product group in Akamai focusing on web performance and scalability. Ido joined Akamai through the acquisition of Cotendo, where he led product and strategy. His earlier roles include GM in charge of product engineering and operation, R&D manager, chief scientist, and head of engineering at various companies and the Israeli intelligence, where he focused on high-capacity, large-scale web and network services and cybersecurity systems.
Christopher Federico is the lead solutions architect at PerimeterX. Previously, Christopher held roles as a product manager at CloudFlare for web application firewalls and enterprise CDN logging; manager of the solution center for the Americas at Check Point Software Technologies, where he led presale escalations and major proofs of concept; and various roles in VeriSign’s managed services division. Chris loves working on problems at scale, cooking great food, and backpacking California.
Comments on this page are now closed.
©2016, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com