Distil Networks Moves to Secure APIs

CERT-LatestNews ThreatsCybercrime ThreatsStrategic

Any IT organization that manages a web site is involved in a daily battle with bots. Frequently employed to launch everything from cyberattacks to artificially trying to constrain access to inventory, bots have become a plague on IT.

In recent years, many IT organizations have been able to defend themselves against these types of attacks by implementing a series of technologies that makes sure the user of an application or Web service is an actual human being. Thwarted by that defense, many cybercriminals have decided to focus on attacking application programming interfaces (APIs) as a way to get around it. Distil Networks today announced it has now come up with Bot Defense for API as a means to close that avenue of attack.

Edward Roberts, director of product marketing for Distil Networks, says most organizations don’t really appreciate the amount of financial damage bots can inflict on their organization. Over time, bots start to have a negative impact on conversion rates that significantly impacts the return on investment (ROI) organizations derive from building web and mobile applications.

“The truth is, bots do a lot of damage,” says Roberts.


Roberts says Bot Defense for API provides access to a software development kit (SDK) to verify that the end user of an application is a person, in addition to providing tools for verifying identities and blocking access to applications.

In general, IT security remains a game of spy versus spy. Every time IT organizations find a way to defend themselves from one threat vector, another one seems to appear. While there may never be a permanent fix to IT security, IT organizations should take some comfort in the fact that they can tighten the security of APIs, on which much of the digital economy now depends.