Dynamic Action: Inflate the Attacking Cost
Traditional bot mitigation relies on predefined static responses - such as Allow, Block, Bypass, Redirect, Display a static HTML, and Challenge - to handle suspicious requests, as well as some widely-adopted advanced actions:
- Rate Limiting: Controls request frequency from high-risk IPs, preventing API flooding and credential stuffing.
- Response Blocking: Identifies and blocks malicious payloads through pattern matching and content inspection.
- Payload Inspection: Analyses the content structure and payload composition to detect obfuscation, injection, or malformed requests.
These actions can provide certain control but still lack flexibility and adaptability. Thus, they are insufficient against evolving, sophisticated bot threats. MaxiSafe’s Dynamic Action framework enhances this by introducing two advanced mechanisms: Intensifiers and Triggering Probability, enabling intelligent, risk-aware defence escalation.
- Intensifiers:
- Request Delay (configurable): Applies configurable delays to suspicious requests, disrupting bot automation cycles without affecting legitimate users.
- Auto-ACL (Access Control List): Automatically updates IP - or behaviour-based ACLs based on observed anomalies or risk scores, improving long-term mitigation.
- Triggering Probability:
- Always: Actions are executed unconditionally once triggered.
- Triggering By Probability: Actions are executed based on configurable threat probability thresholds.