Denial of Wallet Prevention
Cloud autoscaling has spawned new of denial of wallet attacks designed consume resources and your budget.
Denial of Wallet attacks can target any industry with the goal of inflicting monetary damage while rendering the application unusable – an application level denial of service. In some cases, Denial of Wallet is a secondary result brought on by the over consumption of cloud resources for the purposes of harvesting bitcoin, executing automated attacks or other malicious activity.
Denial of Wallet attacks typically target cloud-based applications and micro-services with the end goal of driving resource utilization far beyond the allocated budget, resulting in an application denial of service. Using the application business logic such as account login, new account creation, shopping cart, or comments, these attacks will generate a massive spike in the number of requests to initiate an application scaling event that in turn, results in the deployment of more CPUs, memory, storage, and other supporting IaaS elements (e.g., WAF, load balancing, logging). The spike in service usage results in an unexpected billing increase at the end of the month.
As soon as new public-facing apps and API services are deployed, Bot Defense begins detection and analysis of traffic, without costly development overhead. This enables you to monitor all APIs in your environment and detect and mitigate denial of wallet attacks quickly.
Using more than 150 customizable automation indicators, CQAI determines the malicious or benign intent of each application request. The REST API can be used to export CQAI findings to external systems for archiving, additional analysis or an alternative response.
Customizable mitigation policies provide multiple response options including block, rate limit, geo fence, or deception. Using deception allows you to send a custom response to the attacker, effectively putting guardrails around their activities.
As new public-facing applications are deployed, they are automatically discovered and protected from denial of wallet attacks and other threats by Bot Defense, effectively baking security into your application deployment workflow.
Agentless approach allows you to deploy consistent visibility and policy protection for your API and web-based applications.
A container-based software architecture allows Bot Defense to be deployed in your data center, the cloud or as a SaaS offering, so you can choose the architecture that best fits your needs.
Bot Defense and CQAI automatically discover all your web apps and APIs then determine the intent of traffic to find the denial of wallet attacks expeditiously, saving you incident response time while minimizing harm to your users and business.
Customizable automation indicators and responses enable you to fine tune and maximize attack prevention policies to eliminate fraud associated with denial of wallet attacks.
With REST APIs and an open architecture, you can share information and findings with third party applications and other IT infrastructure like SIEMs and SOC systems as needed.