Over this weekend, I had the opportunity to speak with Patrick Gray of the Risky.biz Snake Oilers security podcast about how Kasada helps customers deal with malicious bots.
Patrick interviews a range of security experts and suppliers, so he hears about the gamut of bot-based threats to web assets – account theft, content scraping and of course DDoS. He brought up the big jump in volume and sophistication of bot-based attacks over the last two years, in particular on retail, travel and employment sites.
Most recently, these attacks have been backed up by cybercrime apps and services like Sentry MBA, which Kasada customers encounter all the time.
I explained how Kasada uses a combination of fingerprinting (to understand threat attributes), pattern analysis (to confirm which visitors are really bots) and our unique Cryptographic Challenge to meet and defeat the bot onslaught.
The Kasada Cryptographic Challenge is a proof-of-work in JavaScript that breaks the financial models of botnets. By forcing bots to solve a compute-intensive hashing problem, Kasada overwhelms botnet CPU budgets and sends bots on their way.
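To make the cost asymmetry behind a proof-of-work challenge concrete, here is an added example of a generic hashcash-style client puzzle for Node.js. It is not Kasada's implementation or code from the podcast; the function names, token layout, 12-bit difficulty and client identifier are all assumptions chosen for illustration.

```javascript
// Generic hashcash-style client puzzle (illustrative; not Kasada's code).
const crypto = require('node:crypto');
const SERVER_KEY = crypto.randomBytes(32); // hypothetical per-process server secret

const mac = (clientId, nonce, bits, expiry) =>
  crypto.createHmac('sha256', SERVER_KEY).update(`${clientId}|${nonce}|${bits}|${expiry}`).digest();
const sha256 = (s) => crypto.createHash('sha256').update(s).digest();

// Count leading zero bits of a digest; this is the puzzle's success metric.
function leadingZeroBits(buf) {
  let bits = 0;
  for (const byte of buf) {
    if (byte !== 0) return bits + Math.clz32(byte) - 24;
    bits += 8;
  }
  return bits;
}

// Server: stateless challenge, bound to the client identifier and an expiry by an HMAC.
function issueChallenge(clientId, bits, ttlMs = 30000, now = Date.now()) {
  const nonce = crypto.randomBytes(8).toString('hex');
  const expiry = now + ttlMs;
  return `${nonce}|${bits}|${expiry}|${mac(clientId, nonce, bits, expiry).toString('hex')}`;
}

// Client: brute-force a counter. Expected work is about 2^bits hashes per request.
function solve(challenge) {
  const bits = Number(challenge.split('|')[1]);
  for (let counter = 0; ; counter++) {
    if (leadingZeroBits(sha256(`${challenge}|${counter}`)) >= bits) return counter;
  }
}

// Server: one HMAC plus one hash regardless of difficulty. Replay within the TTL
// is not tracked here; a deployment would also record spent nonces.
function verify(clientId, challenge, counter, now = Date.now()) {
  const parts = String(challenge).split('|');
  if (parts.length !== 4) return false;
  const [nonce, bits, expiry, tag] = parts;
  const given = Buffer.from(tag, 'hex');
  const expected = mac(clientId, nonce, bits, expiry);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return false;
  if (now > Number(expiry)) return false;
  return leadingZeroBits(sha256(`${challenge}|${counter}`)) >= Number(bits);
}

const CLIENT = '203.0.113.7'; // constructed sample client identifier
const challenge = issueChallenge(CLIENT, 12);
const counter = solve(challenge);
console.log({ counter, accepted: verify(CLIENT, challenge, counter) });
```

Each extra difficulty bit doubles the solver's expected hash count while the verifier's cost stays constant, which is the lever that makes high-volume automated requests expensive.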
I think the most interesting part of our chat was about how Kasada provides a clear return on enterprise security investment. Patrick was intrigued that real customer data shows up to 95% of bandwidth and dedicated compute resources can be consumed in serving bot traffic vs. human site visitors.
The ability to recover the lion’s share of your web site investment locked up by malicious bots made going with Kasada a “no brainer”.
Patrick was also especially keen on the simplicity of rolling out Kasada and maintaining it over time. I explained how most of the time, all a user needs to do is modify their DNS configuration once to point to Kasada’s cloud-based platform and that’s it.
We even have some customers who haven’t touched their configuration in months or years, unlike the constant upkeep and tuning required by most web security solutions. And with CDNs, you can even scope Kasada to specific geographic regions, with rules for specific data centers or routings, lowering the risk (and approval requirements) for a PoC.
Listen to the podcast yourself at https://risky.biz/snakeoilers3/ and learn about Kasada Polyform at kasada.io.