Incremental Rollout
Percentage Rollout for Rules:
Identifying malicious bots is only part of the problem. Many CISOs have found to their peril, that blocking bots results in the hackers re-tooling the bots and hitting the endpoints again with much larger attacks.
Deploying rules incrementally, using a percentage threshold allows our customers to live test the actual rule for a small % of the site, and thus the response of the bot attackers on a segment of the traffic first.
What are Dynamic Bot Rules?
VerifiedVisitors AI detectors allows our customers to deploy rules per traffic segment and risk cohort. For example, creating a rule to stop Account Take Over, will block all bots hitting login and account paths with credential stuffing. The dynamic rule will apply no matter what user agent, IP ranges on any other changes are performed by the bot to hide in the legitimate traffic.
3 easy steps to Deploying Rules
1) Using the Command & Control Rule Simulator to first apply a virtual rule and identify the bot attacks. The bots will be identified and marked in the simulator, and can be downloaded into a SIEM or other analytical tool.
2) Once you're happy with the dynamic rule selection, then you can now use the incremental rollout feature, to select the % of traffic that you would like to test. For example, it may be prudent to test the new rule on 10% of the selected traffic segment.
3) Test the rule live on a small percentage of the traffic segment, and then see the response if any from the bots. Increase or decrease the percentage as appropriate, or adjust the rule.