Bot Shield

클라우드 기반 종합 봇 방어 및 관리 플랫폼

Bot Shield는 봇이 귀사의 자산을 하이재킹하지 못하게 보호합니다.

씨디네트웍스의 CDN과 통합된 Bot Shield 플랫폼은 악성 봇을 제거하고 정상 봇을 원하는 방식으로 리디렉션하여 웹 보안을 강화하고 최종 사용자 경험을 향상시키며, 봇에 의한 자산 하이재킹을 방어합니다. Bot Shield는 실시간 대시보드, 보고, 분석 및 알림을 통해 사용자에게 모든 웹 활동에 대한 인사이트를 지속적으로 제공하여 성능 저하 없이 웹 애플리케이션을 보호하기 위한 최적화된 보안 프로파일을 보장합니다.

Bot Manager Monitoring

제품 혜택

악성 봇의 식별 및 제거를 통해 보안을 강화합니다.

정상적인 최종 사용자 동작의 검증을 통해 디지털 자산의 사기 및 남용을 방지합니다.

승인된 트래픽의 우선 처리를 통해 최종 사용자 경험을 개선합니다.

BOT SHIELD 기능

공격 모니터링 및 알림

  • 전반적인 모니터링 및 알림 서비스를 제공합니다.
  • Real-time notifications via visualizations, email or SM

디바이스 핑거프린팅 챌린지

정상적인 사용자의 행동 분석 기반의 웹 애플리케이션의 일반적인 사용 패턴을 파악하고, 표준 사용 동작, 활동 또는 빈도에서 벗어난 봇에 대해 사용자 정의가 가능한 보안 방식을 제공합니다.

휴먼 인터렉션 감지

50+ 속성 기반으로 가상 브라우저와 실제 브라우저의 해시 시그니처를 생성합니다. 이러한 독점 시그니처를 사용하여 실시간 상관 관계를 분석하여 악성 봇을 식별하고 차단합니다.

봇 혼잡 제어(Traffic Shaping)

Traffic control mechanism used to detect and delay traffic created by suspicious Bots, while also prioritizing and white listing authorized traffic. Flexibility to choose the right action for each event and take action against each threat type.

봇 가시성

  • 정상 및 악성 봇 공격과 트렌드에 대한 사용이 편리한 차트
  • 봇 공격 분석을 위한 정교한 로그 및 인시던트 쿼리 도구

Javascript 챌린지

모든 고객, 공격자 및 실제 최종 사용자에게 전송합니다. 사용자가 알지 못하는 사이 일반 브라우저는 챌린지를 통과하지만 일반적으로 JavaScript를 갖추고 있지 않은 봇은 실패하고, 이를 차단합니다.

CAPTCHA

Challenge intended to differentiate between Bots and humans. Scripted Bots are unable to solve the Captcha and repeat the words and numbers used the way humans can. User behavior model based on behavioral analysis and with pre-designed scenarios such as mouse movement and keyboard typing.

굿봇(Good Bot) 화이트리스팅

Recognize and remember good Bots and allow them access. Controls access by multiple dimensions, such as IP address, URL, user-agent, HTTP request header and region to meet various scenarios.

지능형 봇 감지

Detects and recognizes accesses from normal users, benign bots and malicious bots through real-time big data analysis. Incorporates threat library, beneficial bot library, rate limiting and machine learning functionalities.

사용자 지정 봇 정책

  • 고급 속도 제한
  • 사용자 ID, URI, IP 주소 등 기준의 액세스 속도 제한
  • 각 임계값에 대한 작업 공격성 레벨 선택

Bot Shield 다이어그램

Bot Shield 다이어그램

What is Bot Management?

Bot management is the practice of blocking or filtering malicious internet bot traffic while allowing useful bots to pass through. Useful bots can include those like Google crawlers which are in fact necessary to let through. Bot management involves detection of suspicious bot activity, figuring out which bots are exhibiting undesirable behavior that needs to be stopped and identifying the source of the bot.

How Does a Bot Manager Work?

Bot managers work by blocking malicious bots from hijacking your assets and thereby strengthening web security and the reliability of your mobile apps. They eliminate bad bots and redirect good bots the right way. As a result, the end-user experience is improved and your business protected from losses and reputation damage.

A bot manager comes in the form of a software product that accomplishes certain specific objectives. These include telling bots from human visitors, analyzing the bot’s behavior, reputation and origin IP addresses and IP reputation. Bot managers also enable you to add “good” bots to a list so that they can be allowed to do their job. For example, Google uses a bot to index a web page in order to rank them on Google search results. If these bots are not including the good bots list, it could affect your website’s ranking and organic traffic.

Bot managers could employ a variety of security solutions including machine learning algorithms and threat intelligence to assess bots, detect and block suspicious activity while allowing legitimate bots to operate uninterrupted.

For bots that are known and active, a static approach can help with detection. This involves static analysis tools that look for header information and web requests typical of bad bots.

A behavioral approach on the other hand can be used to distinguish between human users, good bots and bad bots by evaluating the activity and matching it against known patterns. 

A third approach involves challenges or tests that bots cannot perform easily. This can include the popular CAPTCHA verification test, Javascript injection and other methods.  

There are also bot mitigation services that can automate some of the above approaches. If you work with APIs, these services can also monitor your API traffic and implement rate-limiting to prevent API abuse. This rate-limiting helps restrict bots across a wide landscape instead of focusing on a single IP address. 

What is a Bot

But what exactly is a bot in the first place? Put simply, a bot is a program that is tasked with performing some actions without the need for further human intervention. The idea is that bots can automate some routine and repetitive tasks that could take humans much longer to get done, and do so with no errors. 

Bots can be programmed to do something as simple as fill out and submit forms, crawl a web page or download content. They can also be used to like, follow or interact with users on social media platforms. Examples of bots include the Google crawlers mentioned before, chatbots that automate responses to FAQs on websites.

Good Bots vs Bad Bots

Not all bots are equal or created with the same intentions. Some are created with a legitimate purpose while others are made solely to cause harm.

Good bots are those that assist humans with a service. These can include search engine crawlers, customer support chatbots that automate responses to FAQs and bots that help in monitoring performance of a website to alert owners and admins of anomalies. Any website that incorporates a bot must follow the rules outlined by Google in the robots.txt file.

Bots created specifically to misuse products, harm websites or interrupt services are bad bots. Some specific examples of bad bots include email harvesting bots that spam users to collect their email addresses, those that try to hack into user accounts and others that use up a website’s resource. Sometimes bots can be controlled remotely in a network called botnet, which can be used to launch cyber attacks like the DDoS threat.

A bot that performs a needed or helpful service can be considered “good.” Customer service chatbots, search engine crawlers, and performance monitoring bots are all examples of good bots. Good bots typically look for and abide by the rules outlined in a website’s robots.txt file.

Why is Bot Protection Important?

Without sound bot management solutions and strategies, your business can be susceptible to significant damage. These may come in the form of traffic overloads leading to web server downtime, denial of service to real users (DDoS attacks) and theft of personal information or user credentials. The bots can also be used for content scraping or defacing content on the website, stealing intellectual property or to launch phishing attacks, spam and other more dangerous cyber attacks.

Bot Management
Play Video