Bad bot traffic

Secured.21: Combating the 21 types of OWASP Automated Threats

Print Friendly, PDF & Email

Nearly 40% of all internet traffic is now malicious bot traffic. Good bot traffic is also booming, but it’s lagging at “only” about 25% of all traffic. And this is taking place as organizations are increasingly migrating to hybrid or cloud-only environments, creating a wealth of new potential attack surfaces.

Just as good bots are invaluable tools to perform a wide range of necessary tasks, bots are very handy in criminals’ hands too — for example, sifting through a vast stolen data dump to find and test credentials, credit card numbers, and so on. And they’ve grown very sophisticated, able even to successfully mimic human behavior to evade detection.

bot attacks

OWASP has analyzed today’s entire range of bot attacks, or Automated Threats to Web Applications, and has classified them into 21 separate types. They’ve also created a list of types of countermeasures available to help you combat those threats.

How to stop bad bots

At Barracuda’s Secured.21 global virtual customer conference last year, the App and Cloud Security track included a Deep Dive session on the OWASP automated threat data and how to stop bad bots while allowing good bots and human users to engage normally.

Here’s a clip in which Senior Project Management Director Anshuman Singh begins to present the 21 threats listed in OWASP’s handbook, dividing them into six categories, such as credential theft, vulnerability scanning, denial-of-inventory, and others:

After explaining in depth the scope and power of malicious bots in the hands of bad actors, Anshuman goes through OWASP’s listing of 14 types of bad-bot countermeasures, and how they address different aspects of the threat posed by bot attacks.

Watch the whole session and you’ll also get Anshuman’s detailed presentation about how Barracuda WAF-as-a-Service works in the cloud to provide many of the countermeasures listed by OWASP. And you’ll see a demo of how the powerful, intuitive interface makes it easy to visualize, monitor, and control your cloud app security infrastructure.

bad bots

Automated application-layer attacks executed with highly sophisticated bots are growing fast. Watch this highly informative session to understand both the nature of the threat and the requirements for an effective defense.

Watch the full session now

Scroll to top