Kasada, has announced the general availability of its V2 platform.
In its V2 release, Kasada has made several improvements that provide customers with an immediate and long-term approach to bot mitigation without the need for burdensome maintenance. These include:
- 15x increase in client interrogation sensors, which help ensure attacks using the stealthiest automation tools are uncovered
- New proprietary and dynamic obfuscation method to make it extremely difficult – and expensive for attackers to retool their efforts
- Additional controls for proof-of-work challenges to encourage attackers to move on to their next Target
“Intruders continue to stay a step ahead of defenses – constantly evolving their tactics to create new bots that look and act like humans,” said Sam Crowther, founder and CEO of Kasada. “Stopping a bot attack and trying to prevent the next one with behavioral analysis is not effective. What is needed is a proactive approach, one that is constantly adapting alongside attackers, requiring automated bots to prove they’re from a source controlled by a human.”
Kasada’s new V2 defense platform is a modern anti-bot solution that stops attacks by preventing them from entering an organization’s infrastructure in the first place – and does so without reliance on rules, heuristics, or risk scoring. Legacy detection systems let automated requests in first to look for suspicious activity – but, by then, it’s already too late. By adhering to a zero-trust philosophy, Kasada detects and stops malicious automation from the very first request, before it can do any damage. As bot operators evolve their tactics, including the use of new bots never seen before, Kasada detects with precision in real-time.
“A different approach to bot mitigation is long overdue,” added Ed Amoroso, CEO at TAG Cyber. “To stay one step ahead of bots, you need to immediately prevent new stealthy tactics from doing damage – while also halting their long-term attempts to reverse engineer and bypass your defenses. Kasada frustrates, deceives, and makes attacks too costly to conduct.”
The economics and ease with which bots can be used make it highly profitable to conduct automated attacks at scale. Through Kasada’s use of mitigative actions and exponentially difficult cryptographic challenges, attackers are frustrated, and their financial incentive is destroyed as the cost to conduct an attack increases.
“Kasada’s bot defense platform helps us prepare for whatever the latest tactics and attacks are, stop them before they can cause any damage and deter future attempts to infiltrate our operations,” said Howard Blumenthal, Sr. Director eCommerce, Kaman Distribution Group. “Put simply, Kasada works.”
Kasada’s V2 improvements include:
Increase in Interrogation Sensors for Advanced Bot Detection – Kasada has increased its client interrogation sensors by 15x, accurately detecting the use of Puppeteer and Playwright, stealth plugins, and other similar headless browser automation tools. For mobile apps, it has also incorporated new detections for Android emulators and iOS simulators. These developer tools help attackers fly under the radar of traditional bot mitigation approaches that look for known suspicious behaviors first, instead of identifying the presence of bot-driven automation itself.
Unique Obfuscation Method Resistant to Retooling – Instead of relying on weak obfuscation methods or open-source JavaScript tools that can be deciphered easily, Kasada pioneered its own patented technology that dramatically slows any retooling or reverse-engineering attempts. Observed by attackers as indecipherable bytecode, Kasada’s lightweight software obfuscates its defenses by using its own proprietary interpreter. Traditional bot mitigation solutions lose their efficacy over time because the motivated adversaries – the humans behind the bots – are able to reverse engineer defenses. Kasada retains its efficacy by making retooling time-consuming and frustrating, encouraging bot operators to move on to more profitable ventures.
Enhanced Ability to Strike Back – Without informing the attacker, Kasada forces an increasingly difficult asymmetric cryptographic proof-of-work to be solved. This results in extensive CPU work for bots and exhausts adversaries’ compute resources. New controls for setting request thresholds and the difficulty of the proof-of-work challenges have been added to the platform,
empowering online businesses to wreck attackers’ ROI even faster. This process also eliminates the need for CAPTCHAs, which have been shown to be an ineffective tool for validating humans.
More Efficient and Cost-Effective Data Storage for Threat Intelligence – By exporting its data into any observability platform or SIEM, organizations can combine Kasada data with other sources to comprehensively analyze the human, good bot, and bad bot traffic, providing real-time threat intelligence and business insight. Aggregate data volume has been decreased by up to 70%, without losing any information, greatly reducing the cost to store granular log data.
