Distil Networks announced the bot mitigation industry’s first Hi-Def fingerprinting solution. Hi-Def device fingerprinting goes beyond IP- and header-centric identification by actively pulling additional data from the browser to identify devices with precision. This approach minimizes false positives and creates an even clearer picture of web traffic, allowing web defenders to make access decisions with certainty.
“Combating bots is a science that requires accuracy,” said Rami Essaid, CEO of Distil Networks. “The process begins with gaining a clear understanding of web traffic and the devices that access your website, and for this reason, Hi-Def device fingerprinting is the first step in successful bot detection and mitigation. Distil’s Hi-Def fingerprinting identifies 60% more unique devices than an IP address alone, and 24% more unique devices than an IP address combined with header information. Instead of leaving those unaccounted for devices hidden from defenders, Distil’s Hi-Def fingerprinting adds in over 200 additional attributes, increases accuracy, reduces false positives, and gives website defenders the confidence to not just throttle traffic, but to block it outright.”
Distil’s Hi-Def fingerprinting technology:
- Inspects traffic at the perimeter, identifies malicious devices, and intercepts bad bots before they can wreak havoc on a website
- Fingerprints stick to the bot even if it attempts to reconnect from random IP addresses or hide behind peer-to-peer networks or anonymous proxies
- Goes well beyond IP- and header-centric identification by analyzing over 200 additional device attributes
- Includes a tamper proofing layer, which detects manipulation of data values inside the fingerprint
- Gives users complete visibility into false positives
- Shares the Hi-Def fingerprint across Distil customers in a globally-distributed, known violators database, and is made available for other security products like SIEM.
“A key distinction to Distil’s Hi-Def fingerprinting is the assertive PULL of data from the client, as opposed to relying on headers that are pushed. This gathers specific data that improves identification without relying simply on the data that the client chooses to send,” said David Monahan, Research Director, Security and Risk Management at EMA. “Distil Networks’ Hi-Def fingerprinting is really more like current facial recognition software. The subject can change aspects of its appearance to avoid recognition, but there is enough information in other data points to make a positive identification.”
“Drupal.org is one of the largest open source development communities in the world, and our high Google authority score makes us a target for SEO agencies looking to spam our forums with links to their clients’ sites. Every week, these agencies were creating hundreds of dubious Drupal.org accounts and posting thousands of pieces of comment spam,” said Ryan Aslett, backend developer services engineer at Drupal.org. “Distil’s Hi-Def fingerprinting technology allows us to block these bad actors from registering accounts, and prevents them from polluting our site.”