CW Developer Network

Apr 13 2016   8:34AM GMT

Distil Networks: when bad bots feed on API endpoints

Adrian Bridgwater Adrian Bridgwater Profile: Adrian Bridgwater

Tags:
API management
Security

Can we make our mind up about the bots please?

1efergheroighe.png

One day we’re all about the good bots… and then we’re straight back to bad bot detection on the next.

Distil Networks, Inc. is a player in the (bad) bot detection and mitigation market.

The firm’s Distil API Security service is designed to protect vulnerable Application Programming Interface (API) endpoints from malicious traffic.

Distil API Security claims to be able to defend against developer errors and automated API scraping, as well as web and mobile API hijacking.

The software offered here is designed to protects all types of APIs such as:

• APIs serving web browsers,

• APIs serving mobile applications

• APIs serving Internet of Things (IoT) connected devices.

THE TECHNICAL CHALLENGE — According to Distil Networks, the technical problem here is due in large part to a rise in API-centric development, an approach in which web, IoT and mobile applications are designed to pull data from backend services via API calls, APIs are becoming an increasingly integral part of the digital world — however, many organisations struggle to manage the security of APIs, relying on simple authentication tokens or basic IP rate limiting to guard these critical attack vectors.

According to a recent Ovum survey of 100 IT and security professionals, 30 percent of APIs are designed without any input from the security team, and 27 percent of APIs proceed through the development stage without the security team weighing in.

“Unlike competing solutions that only track usage based on IP addresses, Distil API Security also tracks API usage based on ID tokens, which is important as recent findings from the 2016 Distil Networks Bad Bot Landscape Report shows that 73 percent of automated attackers spread their attacks across multiple IP addresses,” said Rami Essaid, co-founder and CEO of Distil Networks.

Distil API Security tracks API usage across both identification tokens and IP addresses to detect and block malicious activity, developer errors and abuse.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: