Web Traffic Composition
Robust bot management is essential for web security today. On average across different verticals, only 38 percent of incoming requests originate from human users. The remaining 62 percent have an automated source.
Not all bots are harmful. Some (such as search engine spiders) are often welcome, and some (such as content aggregators) are not overtly hostile. However, almost 40 percent of incoming requests come from malicious bots.
Consequences of Inadequate Protection
Threat actors use bots to wage a variety of web attacks. In fact, almost all attacks involve bots in one way or another. Hostile bots which are not identified and blocked can create a variety of problems for organizations with significant web assets (sites and web applications, microservices, and mobile/native API endpoints). Some of the potential problems are:
- Site downtime
when DDoS attacks exhaust app/server resources. - Data theft
from scraping. - Site breaches
via vulnerability discovery bots. - Loss of revenue
from inventory hoarding. - Bad business decisions
from skewed analytics. - Account theft
from credential stuffing. - Merchant account problems
from credit card testing. - Degraded customer experience
from loss of bandwidth & resources.