Bots vs. Applications Security Team
Bots are one of many threats facing an organization’s applications, and AppSec teams are naturally on the front lines to combat bot-related risks. Bots can be used in a variety of ways to attack an application, both directly and indirectly. In addition to the DDoS attacks and various forms of fraud discussed previously, bots are also instrumental in the discovery and exploitation of vulnerabilities.
- Reconnaissance and Attack Planning - Bots and many other forms of automation can be used to scan a site or application to understand what types of technology are used and to search for vulnerabilities. This can allow attackers to quickly uncover weaknesses that can be used to compromise a site as part of a larger attack.
- Exploitation and Compromise - Once weaknesses are found, malicious automation is often key to the exploitation and ongoing abuse of the site. Depending on the type of weakness, attackers may be able to redirect visitors to a compromised site or directly infect the application with an exploit kit. Exploit kits can then automatically exploit visitors and deliver malware to the user's machine. This can naturally have a serious impact on a site’s reputation.
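
The reconnaissance behaviour described above tends to leave a recognisable trace in web server logs: one client requesting many distinct paths, most of which fail. The following is an added example, not code from the original page, showing one way an AppSec team might flag that pattern; the log lines, thresholds and the `find_scanners` name are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (common log format); not from the page.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 5120
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /admin/ HTTP/1.1" 403 153
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /backup.zip HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "GET /old/ HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:00:03 +0000] "GET /test/ HTTP/1.1" 404 153
203.0.113.7 - - [10/Mar/2024:10:00:03 +0000] "GET /config.bak HTTP/1.1" 404 153
198.51.100.20 - - [10/Mar/2024:10:01:10 +0000] "GET / HTTP/1.1" 200 5120
198.51.100.20 - - [10/Mar/2024:10:01:25 +0000] "GET /products?page=2 HTTP/1.1" 200 8021
198.51.100.20 - - [10/Mar/2024:10:01:26 +0000] "GET /favicon.ico HTTP/1.1" 404 153
192.0.2.55 - - [10/Mar/2024:10:02:00 +0000] "GET / HTTP/1.1" 200 5120
192.0.2.55 - - [10/Mar/2024:10:02:01 +0000] "GET /about HTTP/1.1" 200 2310
192.0.2.55 - - [10/Mar/2024:10:02:02 +0000] "GET /products HTTP/1.1" 200 8021
192.0.2.55 - - [10/Mar/2024:10:02:03 +0000] "GET /contact HTTP/1.1" 200 1999
192.0.2.55 - - [10/Mar/2024:10:02:04 +0000] "GET /blog HTTP/1.1" 200 4100
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def find_scanners(log_text, min_paths=5, min_error_ratio=0.8):
    """Return {client_ip: (distinct_paths, error_ratio)} for probing-like clients."""
    paths = defaultdict(set)   # distinct paths requested per client
    total = defaultdict(int)   # total requests per client
    errors = defaultdict(int)  # 4xx responses per client
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, _method, path, status = m.groups()
        paths[ip].add(path.split("?", 1)[0])  # ignore the query string
        total[ip] += 1
        if status.startswith("4"):
            errors[ip] += 1
    flagged = {}
    for ip, count in total.items():
        ratio = errors[ip] / count
        # Many distinct paths alone also matches benign crawlers; require mostly 4xx too.
        if len(paths[ip]) >= min_paths and ratio >= min_error_ratio:
            flagged[ip] = (len(paths[ip]), round(ratio, 2))
    return flagged
```

Requiring both signals keeps the well-behaved crawler at 192.0.2.55 out of the results even though it touches as many paths as the threshold; the thresholds would need tuning against real traffic.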