ABOUT TECHNOLOGY
We have been dealing with cybersecurity issues and protection of the web infrastructure from illegitimate traffic for more than 15 years. We have worked on a variety of applied tasks in different areas of business - Enterprise, fintech, e-commerce, etc.
When our journey in this field first began, our process of manually analyzing data was expensive and resource intensive. Learning from this experience led us to develop our first automated data analysis solution. What began as a simple algorithm proved to be both effective and efficient and consequently led us to further develop our product to accommodate for increasing data volume and process demands. Hence our very own, unique Deep Multifiltering™ technology was born, making use of advanced technology such as Machine Learning (ML) and Artificial Intelligence (AI) to suit your needs for the 4th industrial revolution.
Using this technology, the BotFilter system analyzes data and makes decisions. Currently our software is able to track all user activities on your website. We can check any data entered by a user in your forms can be checked before it is sent to the server. It is also possible to use third-party services API for data scoring and its additional verification.
As you are reading you may wonder if all these features come with an additional cost however there are no add on costs. Your subscription fee (according to your tariff plan) includes connection, configuration, and maintenance of the system by our tech specialists. After connecting you will get a preconfigured, calibrated system along with statistics in a clear and easy to understand report.
FILTRATION PROCESS
The filtration process occurs in several stages, which are clearly shown in the diagram above.
In this stage of filtering our advanced firewall works with traffic. It stops all simple «bots», which include ordinary data parsers, email address collectors, and some SPAM-bots. Also at this stage we can filter all users by geography or ISP evidence and stop people who use unmasked Proxies and VPNs.
During the second stage of filtering our unique Deep Multifiltering™ algorithm start works that use a combination of different methods at once. Here we identify the traffic,divide it into three groups and mark them. The first group is real users, the second is «specific bots» and the third one is «suspected bots». If the system has determined that a «specific bot» is trying to get access to the site, then its host is checked against the list of «allowed IP addresses and domains» to further decide whether to block or allow access to the site. As for the «suspected bots», they will be analyzed during the next stage.
During the third and fourth stage of filtration our service begins to record and analyze behavioral factors. This approach allows us to achieve the maximum level of protection even from the most advanced program algorithms of parsing data, which can skillfully mimic real users. The system saves all metrics of every user and records all its movements and actions on every page: page scrolling, mouse movement, filling out the form even without sending, etc. All these activities are analyzed and compared with behavioral patterns from our library. This allows us to identify the «violator» with high accuracy and block it. Also, if a live visitor starts showing «strange» behavior or tries to perform some illegitimate actions, for example, «rob» the content of your site using specialized software or browser plugins, he is immediately blocked. To prevent manual «copy-paste» in the complex of our product, tools for managing elements of the browser interface are also supplied, which we can activate at your request.
«BotFilter» also blocks IP addresses from which pages of the site are accessed too often. That helps to recognize and inform the start of a DDoS attack timely. Our service protects not only the public pages of the site, but also its administrative interface. In case of any suspicious activity on any service page, including the authorization page in the content management system (CMS), our service will immediately respond by blocking the attacker, and the site administrator will receive an emergency message about the precedent. We also have additional tools for diagnosing the human factor and possible information leaks.
ADDITIONAL FEATURES
For maximum comfort of our clients and their users, we have provided two variants of blocking access – "postload" and "preload" of the page.
In the first scenario, the user is blocked after loading the first page. This method allows you to achieve maximum page loading speed, but in this case, an attacker or a bot can access the content of the first page of your resource, to which he "addressed". This variant is more suitable for online stores and content projects who work hard with Search Engine Optimization (SEO).
In the second scenario, user analysis takes place before the required page is loaded, which slows down the loading process, but prevents any attacker from trying to access any of your site's pages. This option is most preferable for popular media or marketplaces, where the majority of the audience visits sites by direct link or ads and is willing to accept small delays during page loadings.
The system can be installed on any standalone web project, regardless of the Content Management System (CMS) you use. And it can be equipped with any functionality depending on the needs of your project within the framework of the system's capabilities. You can get information about the compatibility of the service with your development environment and information about the minimum system requirements on the «FAQ» page.
