Cequence Security: Protection Against Bot-Led Business Logic Attacks

An Intellyx Brain Candy Brief

Unlike malware-based attacks, a business logic attack seeks to subvert the normal behavior of a web site or mobile app. For example, bots with stolen credentials might hold plane tickets or concert tickets, reselling what they can while forcing the rest to expire. Or the bots might commit advertising fraud by clicking on ads, or defraud a loyalty site by simulating the actions of a loyal customer.

Many anti-bot technologies require the target site/app owner to modify its code, adding, say, additional JavaScript to every page.

In contrast, Cequence takes a non-invasive approach to stopping bots that adds a layer of protection without requiring any code changes. The vendor uses machine learning to analyze site and app traffic data out of band, identifying synthetic (bot) users in real-time.

Cequence is then able to mitigate such fraudulent traffic either by blocking it, rate limiting it, or redirecting it for further authentication or even to a honey trap.

Copyright © Intellyx LLC. Intellyx publishes the Cortex newsletter, advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. As of the time of writing, none of the organizations mentioned in this article are Intellyx customers. To be considered for a Brain Candy article, email us at pr@intellyx.com.

SHARE THIS: