Intelligent CIO North America Issue 17 - Page 26

The attackers running these bad bots prefer to hide within the normal human traffic stream to avoid raising alarm bells .
“ While some bots like search engine crawlers are good , our research shows that over 60 % of bots are dedicated to carrying out malicious activities at scale ,” said Nitzan Miron , VP of Product Management , Application Security , Barracuda .
“ When left unchecked , these bad bots can steal data , affect site performance and even lead to a breach . That ’ s why it ’ s critically important to detect and effectively block bot traffic .”
Best practices to protect against bot attacks
When it comes to protecting against newer attacks , such as bots , defenders can be overwhelmed at times due to the number of solutions required .
The good news is that solutions are consolidating into WAF-as-a-Service offerings , also known as Web Application and API Protection ( WAAP ) services . This will improve both user experience and overall security . A few key steps include :
• Put proper application security in place . Install a web application firewall or WAF-as-a-Service solution and make sure it is properly configured . This is an important first step to make sure your application security solution is working as intended .
• Invest in bot protection . Make sure the application security solution you choose includes anti-bot protection so it can effectively detect and
stop advanced automated attacks .
• Take advantage of Machine Learning . With a solution that uses the power of Machine Learning , you can effectively detect and block hidden almost-human bot attacks . Be sure to turn on credential stuffing protection to prevent account takeover as well . p
26 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com