The First Easy and Accurate Way to Defend Websites Against Malicious Bots.

Distil Networks 2015 Bad Bot Report 5 high-risk lessons

Rami EssaidCEO & Co-Founder

Craig SpiezlePresident

Fortune 500 & Alexa Global 10,000 CustomersEcommerce

Travel

Publishers

Directories

Traditional Media

Marketplace

Services + Retail

Market Leader in Bot Detection and Mitigation

○ Only bot detection vendor to be included in Gartner’s 2015 Online Fraud Detection Market Guide

○ Key Attack Trend: “Fraudsters spreading their attacks over thousands of IP addresses”

○ Key Inclusion Criteria: “Ability to detect online fraud as transactions occur in real time or near real time”

○ Interesting to note: No WAF vendors in this report (as their detection model is primarily rules-based)

Purpose Built Solution, Not a Feature

Bot Detection is a New Category, NOT a Feature○ NOT a Content Delivery Service (CDN)

○ NOT a Distributed Denial of Service (DDoS) protection solution

○ NOT a simple IP list or set of scripts

○ NOT a Web Application Firewall (WAF)

A purpose built bot detection solution is always updating and evolving

How Companies Benefit from Distil Networks

Increase insight & control over human, good bot & bad bot

traffic

Block 99.9% of malicious bots without impacting legitimate

users

Slash the high tax bots place on internal

teams & web infrastructure

Protect data from web scrapers,

unauthorized aggregators & hackers

The World’s Most Accurate Bot Detection System

Inline FingerprintingAnalyzes over 40 bits of information from each client request. Fingerprints stick to the bot even if it attempts to reconnect from random IP addresses or hide behind an anonymous proxy Known Violators DatabaseReal-time updates from the world’s largest Known Violators Database, which is based on the collective intelligence of all Distil-protected sites

Behavioral Modeling and Machine Learning Machine-learning algorithms pinpoint behavioral anomalies specific to your site’s unique traffic patterns

The World’s Most Accurate Bot Detection System

Browser Automation Tool DetectionJavaScript Validation on the connection stream identifies browser automation tools

Advanced Rate LimitingSet rate limits such as pages per minute, pages per session, and session length

“Good Bot” Authentication Validate that good bot requests (Google, Bing, etc.) map to the correct user agent and IP range

501c3 Non-Profit - To enhance online trust, while promoting best practices, innovation and the vitality of the internet.

○ Goal to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users' security, privacy and identity.

○ OTA supports collaborative public-private partnerships, benchmark reporting, meaningful self-regulation and data stewardship.

OTA Mission, Goals & Values

About OTA

○ Infrastructure and Resiliency○ Advertisers and Publishers – Click fraud○ Fraud – contests, account sign up and

related forms of online abuse○ Content abuse and copyright violations○ Distribution of privacy and security

malware

The Impact of Bad Bots

The Magnitude of the Problem

Anti-Bot Ecosystem

2015 Bad Bot Landscape Report

Bad Bot, Good Bot and Human Traffic, 2014

2013 vs. 2014

Traffic by Size of Site

Know Your Numbers

High Risk Lesson #1

5 High Risk Lessons

Traffic by Type of Site

Understand Your Site-Specific Vulnerabilities

High Risk Lesson #2

5 High Risk Lessons

Worst Bad Bot Originators

Identify and Block Worst Offending Organizations

High Risk Lesson #3

5 High Risk Lessons

Mobile Bots Arrive in Droves

Bad Bot Self-Reported Browser, 2014 Actual Browser Usage, 2014

Worst Offending Mobile Carriers, Beware of China

Bad Bot Traffic as Percent of Overall Traffic, U.S., China and Rest of World

Protect Your Mobile Site High Risk Lesson #4

5 High Risk Lessons

Countries Originating Most Bad Bots & “Bad Bot GDP”

Countries Most Often Blocked

Geo-IP Fencing High Risk Lesson #4

5 High Risk Lessons

Simple, Average & Sophisticated Bots

Bot Sophistication Levels & Bots Mimicking Humans

Bot Sophistication Levels

Bot Mimicking Human Behavior

High Risk Lesson #5 WAFs are Not Enough

5 High Risk Lessons

A More Widely Dispersed Bad Bot Landscape

Bad Bot Traffic By Hour Countries Originating at Least 1% Bad Bot Traffic

Visualizing Bots on Your Website - Demo

www.distilnetworks.com/trial/Promo Code: SCMAG

Offer Ends May 31th

Two Months of Free Service + Traffic Analysis