Distil Universal ACL Offers a Policy-Driven, Easy-to-Manage Approach, Eliminating the Pain of Managing and Updating Longs Lists of IP Addresses
San Francisco, CA – February 2, 2017– Distil Networks, Inc., the global leader in bot detection and mitigation, today announced the web application security industry’s first Access Control List (ACL) to block based on device fingerprints, providing a more effective way for website defenders to manage and apply whitelists and blacklists across their online applications.
“A key piece of feedback we got from our Bot Defense Council was that they were spending too much time managing ACLs in their firewall or WAF, so we set out to reimagine what a modern ACL could be,” said Rami Essaid, CEO of Distil Networks. “Traditionally, ACLs have been centered around IP addresses, but Advanced Persistent Bots simply rotate through IP addresses or hide behind proxy networks. With our Universal ACL, customers can set a policy with a very specific set of information, then apply it to a specific path, domain or API. They can even put someone in a ‘penalty box’ which can then automatically deprecate after say 48 hours. There’s no need to worry about what IPs are associated with, say North Korea. We manage all that for you. This is the easy button for controlling how you whitelist and block different types of traffic hitting your websites and APIs.”
While ACL creation and updating has typically been time consuming and hard to manage, Distil’s Universal ACL offers a policy-based approach for effective time management, visibility, and control. Customers can create a universal ACL policy, which they can then apply to a specific domain, URL/path, API, or across their entire Distil Networks account.
Unlike traditional ACLs that are limited to IP addresses, the Distil Universal ACL enables whitelisting or blacklisting based on any combination of IPs, countries, organizations, tokens, hi-def fingerprints, user agents, and referrers. Distil also shields users from the tedious task of managing IP drift. For example, instead of uploading and maintaining a list of IPs that correspond to unwanted traffic from a nefarious organization, hosting provider, or country, the Distil Universal ACL updates the corresponding IPs automatically behind the scenes.
“Bad bots have become increasingly more sophisticated,” said Dan Davis VP of Technology at Build.com. “But rather than trying to build something ourselves, we saw more value in partnering with bot mitigation specialists. We wanted more backend automation to thwart malicious bots, and reduce man-hours when whitelisting and blacklisting different types of traffic. Distil Networks lets us focus on being the best at selling the right home improvement products instead of playing IP whack-a-mole.”
About Distil Networks
Distil Networks, the global leader in bot detection and mitigation, is the first easy and accurate way to identify and police malicious website traffic, blocking 99.9% of bad bots without impacting legitimate users. Distil protects against web scraping, brute force attacks, competitive data mining, online fraud, account hijacking, unauthorized vulnerability scans, spam, man-in-the-middle attacks, digital ad fraud, and downtime. Slash the high tax that bots place on your internal teams and web infrastructure and make your online applications more secure with API security, real-time threat intelligence, a 24/7 security operations center, and complete visibility and control over human, good bot, and bad bot traffic. For more information on Distil Networks, visit us at www.distilnetworks.com or follow @DISTIL on Twitter.