Security News > 2020 > August > Auth0 Bot Detection: A security feature that reduces the effectiveness of a credential stuffing attack
Auth0 launched Bot Detection, a new security feature that reduces the effectiveness of a credential stuffing attack by as much as 85%, with minimal impact on user experience.
Bot Detection is a powerful addition to the company's expanding security portfolio, and works in tandem with Auth0 Breached Password Detection, Brute Force Protection, and Multi-factor Authentication, to provide extensive mitigation against a variety of sophisticated threats, including automated attacks, account takeovers, phishing attacks, and more.
During a credential stuffing attack, traffic for a particular website may surge as much as 180x the usual volume, with traffic related to the attack itself accounting for 90% of overall activity.
Bot Detection correlates numerous data sources to identify and mitigate bot-driven attacks before login, and relies on a collection of risk signals and assessors that identify indicators of suspicious activity.
This layered approach - also known as defense in depth - consists of multiple security capabilities, including Bot Detection, that effectively reduce the number of credential stuffing attempts and many other attacks.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/WAd8sqS14t0/
Related news
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually (source)
- Websites are losing the fight against bot attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- CISSP and CompTIA Security+ lead as most desired security credentials (source)
- EDRSilencer red team tool used in attacks to bypass security (source)
- ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks (source)
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)