An online Artificial Intelligence (AI) & Machine Learning (ML) traffic management platform that increases website ROI by mitigating malicious bots and non-human fraud before they can infiltrate your ecosystem.
Residing at the edge of network, our AI engine reads your weblogs and performs multi-factor authentication on each site visitor and bot, comparing them to our database and categorizing which bots are visiting your site and why.
Your verified access list (your "pristine traffic") determines which bots and human traffic sources can visit your site and by auto-generating blocking rules we're able to stop the bad bots before they reach your website (our bot mitigation process).
Our Machine Learning engine provides you with the real-time insight you need to optimize your sales pipeline to ensure, through our proprietary bot mitigation process, that the only traffic coming to your site is "pristine traffic".
Mitigating Your Unwanted and Malicious Bot Traffic in 4 Automated Steps
There are two types of bad bots: generalized bots which look for vulnerabilities to exploit first and when found, custom bots are then written to specifically target your website.
"Generalized Bots" are the much more common bots. Often attackers will use them as a site penetration test to see how difficult it is to penetrate a site's initial security layer. If their bots successfully breach a site's defenses, attackers will be much more likely to prioritize the site as candidate for writing a custom bot. This enables attackers to allocate their resources against websites that have proven easier to compromise.
"Custom Bots" are typically written to attack sites that have been successfully penetrated by generalized bots. Because they're written to attack a specific website, they require more resources and have limited use (they only work on your website). Since they're built for specific attacks, they often cause the most damage. A verified access list provides a simple and cost-effective way to protect your online business.
Hackers will deploy generalized bots which perform a scan of a website and online infrastructure looking for vulnerabilities they can penetrate. On the surface, these “crawler bots” appear harmless, behaving in a similar manner as Google bots. They simply crawl a site, page by page reviewing its content. This first stage, reconnaissance work, enables cybercriminals to automate their penetration testing in bulk. The resulting vulnerabilities are categorized and targeted through custom bots designed to penetrate the specific vulnerabilities.
Attackers use generalized bots to crawl websites in bulk. They simply load domain names into their crawl scripts. These scripts automatically identify and catalog site vulnerabilities. The bots move on from sites they cannot readily penetrate, those without easily identifiable vulnerabilities. This allows hackers to focus their attention on the easier targets.
Cybercriminals don't initially target specific sites. For e-commerce attacks, hackers may have lists of hundreds of thousands or even millions of credit card details. They'll target sites with payment gateway in an attempt to hijack the gateway to see if which cards in their database are valid. Allowing automated bots to access the payment gateway URL creates malicious activity opportunity.
Websites and API access points are under constant threat from malicious activity including…
Bots are used to detect email addresses contained on a site's webpage copy. Next, the bots will attempt to determine the organization's email format by examining the email records. For example: [email protected]. If successful, the bots then gather the names of the organization's employees from the about us, contact us and staff pages. From there it's easy to automatically compile a directory of the organization's employees and their emails. These emails are bulk validated through readily available, inexpensive third-party services before the emails sent. This simple, automated process allows cybercriminals to launch successful phishing attacks.
E-commerce sites contain pricing data that bad bots can scrape, even without compromising the shopping cart or checkout platform. Competitors and cybercriminals launch bad bot attacks to steal pricing and shipping rates. Bot activity can cause checkout, shopping cart and payment processing downtime if not blocked.
Websites are full of rich content and data that bad bots can scrape. This enables competitors and attackers to steal a site's marketing content and sensitive data. Not only are these bad bots stealing proprietary data, the activity sucks up the site's bandwidth. This, in turn, slows down the site's performance, which can cause downtime and additional overhead if not blocked by a bot mitigation platform.
FINANCIAL IMPACT
Lost revenue to competitors
Price undercutting by competitors
Promotion scrapping by competitors
Content theft without attribution
Negative impact upon SEO rankings
Fake lead form fills
Fake account registrations
Malicious bots can cause havoc for management because they can skew Profit and Loss (P&L) numbers and Key Performance Indicators (KPI). As a result, decisions made are based upon inaccurate data, creating a feeling of flying blind. Not only do bad bots from scraping and ATO activities drain organization's resources, even greater strain is experienced as the numbers being relied upon no longer reliable. Cash flow, receivables, payables are often impacted immediately. Longer term, projections, customer service, IT and human resource departments are often impacted.
Payment gateways are an e-commerce site's conduit to the merchant account provider or bank. They're designed to make the acceptance of credit cards, debit cards, eChecks, ACH and alternative forms of payment easy for the online merchant to accept. Inadequate defenses against malicious bot activity can flood the payment gateway with authorization attempts which can overload the payment gateway, leading to declined transactions and lost sales. In extenuating circumstances, the gateway provider, processor or bank can suspend or even terminate the merchant's account.
E-commerce sites that utilize a shopping cart are particularly vulnerable to malicious bots that can impersonate buyers and add items into the shopping cart, removing them from inventory. Competitors using bots can make purchasing more difficult for legitimate customers by tying up the shopping cart. Bots can be used to lock product launch and special offer pricing on the website. Then the competitor can organize a flash sale on social media for the same special pricing on their site. By diverting the target site's buyers to their site, they pocket the price differential. Shopping cart abuse can also be used to impact advertising and click-throughs by showing a particular product or offer is "sold-out" on the targeted e-commerce site, but available on a competing site.
Account Takeover Attempts (ATO's) are a significant problem for financial institutions, e-commerce sites and payment platforms. A form of ID theft, ATO's access a site's user/customer accounts in an attempt to use them to make unauthorized purchases or initiate unauthorized transactions on another site.
Some of most common ATO attacks are perpetrated using: Password Re-use (using the compromised password from one site on another site), Credential Stuffing (bulk attempts to gain access to user accounts), Malware (that interferes with user sessions), Remote Access (gaining control of a user's device), and Induced Payments (users are tricked into initiating a fraudulent payment).
When successful (and without a robust bot mitigation solution), ATO's are very costly for a business to resolve.
Brand damage
Revenue loss (LTV)
Increased chargebacks
Increased customer support costs
Very simply, we provide you with a dedicated subscription service that only allows the bot visitors you want onto your web site, so you can deal with the others. Once you have locked down your website to prevent these unauthorized bot visitors, they won’t be able to report any vulnerabilities back to the cybercriminals. While our service can’t protect you from every single attack, it is a cost-effective and vital first layer of protection. Just like the car thief – they will move onto an easier target.
our self service not mitigation platform offers…
Pristine Traffic is a month-to-month bot mitigation service and may be cancelled at any time prior to the next month's billing.
Automated bot mitigation protection for customer websites and APIs from potential malicious bot threats 24/7
All visitor traffic is run through our machine learning, multi-factor authentication engine. This ensures that unauthorized bots are blocked and potentially malicious bots identified at the network edge, before they reach a website. What remains is a site's "Pristine Traffic".
Allows companies to ensure they have comprehensive policies in place across all internet visitors - both human and bot
Ensures our bot mitigation filters never block a good bot again
Customized ML bot mitigation models to feed into visitor analytics across the enterprise
Pristine Traffic's bot mitigation works seamlessly with Content Distribution Networks (CDNs) and Firewalls, such as Amazon AWS CloudFront and Cloudflare without an install.
Integration is at the edge of the network, with your existing WAF, DDos and other security layers.
Pristine Traffic automatically identifies visitors with a higher Propensity to Purchase (P2P). This helps increase conversions through the sales pipeline, increasing customer ROI.
Saves on CPU and hosting / bandwidth requirements due to blocking unwanted Bot traffic.
Supports real-time automated bot detection with full Access and Identity Management for Bots to clean up legacy access control lists
Out-of-Line platform (edge of Network) bot mitigation that causes no network slowdowns, and doesn’t add another layer of risk, or require major infrastructure changes e.g. DNS
Once Pristine Traffic is active, your dashboard allows you to easily see all the legitimate activity of the bot visitors. After activating your verified watch list, Pristine Traffic begins blocking unwanted traffic and fake bots. Utilizing our Ai and ML engines, our bit mitigation platform ensures bad bot visitors are stopped and pristine traffic, good traffic allowed in.
