F5's Distributed Cloud API Security provides discovery and deep insights from use of AI/ML. It can be used to block API attacks in real time and eliminate vulnerabilities at their source. The SaaS-based portal enables users to manage and go deep for threat analytics, forensics, and troubleshooting of modern applications.
N/A
F5 Distributed Cloud Bot Defense
Score 8.3 out of 10
N/A
F5 Distributed Cloud Bot Defense (formerly Shape Defense, acquired January 2020) provides security to protect a website from bots, fake users, and unauthorized transactions, preventing large scale fraud and eroded user experiences. Companies get visibility, detection and mitigation outcomes to reduce fraud and cloud hosting, bandwidth and compute costs, improve user experiences, and optimize their business based on real human traffic.
I believe it covers everything related to the applications' security aspects, but there are a lot of improvements that need to be made. For example, better granular controls like bot categories listed on the distributed console and a granular URL-based control for the rate-limiting option are needed.
I'd strongly recommend it, but with a few caveats depending on how mature the team is with behavioral based security tools. One of our fintech clients was getting hit with low volume, widely spread login attempts, below our rate limiting thresholds. F5 Distributed Cloud Bot Defense was able to flag abnormal input timings, inconsistent device fingerprinting and high entropy in field population behavior. You can only imagine the wave of downstream account lockouts this saved the client. On the other end we had a client with a real time trading platform using Graphql over websockets. F5 Distributed Cloud Bot Defense wasn't able to tap into that stream natively. we had to reverse engineer a proxy layer to inspect events. It worked but it was clunky and not officially supported
Quickly helps mitigate the retooling and newer advanced bot attacks
Excellent customer service from our f5 bot Defense team/partners
Easy to do Traffic Analysis/False Positive reviews with their dashboard of data
Our F5 Security/Solutions Architect and TAM is always there for us whenever we need them
First class service by the F5 Distributed Cloud Bot DefenseSOC, the Tactics Team, the F5 Testing person that helps us, the mobile SDK experts, the Client-Side Signals experts and F5 management
Industry best Threat Briefings
Not only is F5 Distributed Cloud Bot Defense great at stopping the advanced bot attacks, they also have protection against any tampering or replay attacks.
F5 Distributed Cloud API Security provides robust API protection with solid threat detection, excellent visibility, and seamless integration into our architecture
Great product. Working with F5 for many years, we found the products F5 provided are all cutting edge technology. Although in F5 Distributed Cloud API Security we still have a lot to find out, but we believe this experience will be very good. Especially on the security side. Trust in F5.
Official support can sometimes take time to reach the right people. However, once you are in contact with the appropriate experts, the support is excellent, as F5 staff are true specialists. On the other hand, we always receive prompt assistance from our local sales team, who typically help us connect with the right people quickly.
F5 Distributed Cloud API Security is our company looking forward product. With more and more API is using in both on prem, private cloud, public cloud and multi cloud environment, we as a financial institution, we are keep into the security settings to protect the information. That's the main reason we want to use this product.
Implementation of Distributed Cloud is accomplished a few different ways, it would pay to meet with the F5 team and map out your implementation prior to acquisition to make sure you Infrastructure and Operations teams are aligned to the approach and requirements.
We ran a short POC with Salt. Its data classification and attack replay features were impressive. What held us back was the limited support for hybrid deployments and poor integration into our CI/CD pipelines, as F5 did.
Clodflare bot management was our other obvious option for us. We tested it on a staging version of our RFQ platform. It was great for broad traffic filtering but had a hard time with nuanced differences between real subcontractors and low volume bots mimickingt human input whereas that's where F5 Distributed Cloud Bot Defense thrived
F5 Distributed Cloud API Security mitigates many API-related security threats, including bot attacks, DDoS, data breaches, and unauthorized access attempts.
F5 Distributed Cloud API Security uses robust threat detection, machine learning, and real-time monitoring for speedier identification.
Reductions in security events result in fewer breaches, reduced downtime, and lower attack remediation costs.
Prior to F5 Distributed Cloud Bot Defense, we were averaging 12k plus credential stuffing attempts weekly across client portals That number fell down to less than a thousand in just 4 weeks
Over 90 percent of scraping and unauthorized price harvesting blocked
