Ovum On The Radar Analyst Report on Distil Networks

November 13, 2015 Elias Terman

Bot identification to protect against web scraping, web application security breaches, and fraud

Ovum, the UK based analyst firm, devoted a recent ‘On The Radar’ report to Distil Networks. On The Radar reports feature technology vendors that show clear innovation compared to similar services.

Rik Turner, senior analyst on the Infrastructure Solutions and IT Security team, thinks enterprises should put Distil Networks on their radar because:

“As online activity such as e-commerce, e-government, and e-health expands and grows more complex, there is a need for technology like Distil’s that can identify good and bad bots and provide protection, particularly now that it has extended that capability to APIs. Its threat intelligence service will also help with protection provided by other security infrastructure components such as next- generation firewalls and intrusion detection/prevention systems.”

Turner writes:                

“Distil Networks provides protection from malicious bots, web scraping, web application security breaches, and various types of fraud, all charged for as a service.

Distil identifies bot and is able to distinguish between benign ones, which scan websites for pricing information on behalf of price comparison services, for instance, and malicious ones. Bots are initially “fingerprinted” by Distil’s technology, with the print being made up of a variety of features beyond IP addresses. The print is then checked against a “known violators” database. If it is not on that database, Distil then interrogates the browser that originated the traffic to further validate that there is a human at the other end, as well as injecting JavaScript into it to seek any malware that may be lurking there.  

Beyond that, Distil engages self-learning to detect any behavioral anomalies in the traffic patterns from regular website users. When it detects suspect behavior and needs further validation, Distil can open a chat window to see whether a human responds, or it can request email validation or carry out a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) to see if it is in fact a bot rather than a human generating the traffic.

While web application firewalls (WAFs) can be said to address similar types of threats to Distil’s, there is often an onerous overhead involved in updating their rules, a problem Distil circumvents by maintaining its own violator database and by applying self-learning techniques.”

To download the full report, please click here.



About Rik Turner

Rik is a senior analyst on the Infrastructure Solutions team, focusing primarily IT Security. Rik joined Ovum in January 2005 as European Bureau Chief of its ComputerWire daily IT news service. He covered fixed, wireless, and mobile networking and security. In February 2007 he moved across to become an analyst on the Financial Services Technology team, initially covering retail banking and writing reports on online and branch banking. More recently, however, he has developed a specialization in capital markets infrastructure. In mid-2008 his team was grouped under the Ovum brand as part of its IT analyst arm.

Prior to joining Ovum, Rik spent six years as an IT journalist and, before that, was a foreign correspondent for 16 years in Latin America, writing regularly for publications such as the Financial Times, The Economist, The Independent, and Business Week.

Rik holds a BA in Spanish and Portuguese from Newcastle University and an MA in Spanish from King’s College, London.

Previous Article
How to Defend Your Online Marketplace Against Unwanted Traffic
How to Defend Your Online Marketplace Against Unwanted Traffic

Learn how to defend your online marketplace against non-human traffic that cause downtime, steal content/da...

Next Article
The Anti-Fraud Movement Took a Great Step Forward Today
The Anti-Fraud Movement Took a Great Step Forward Today

Trustworthy Accountability Group (TAG) unveils “Verified by TAG” program to combat digital ad fraud as part...