New bot detection feature helps fight credential stuffing

Credential stuffing attacks rely on stolen account credentials from a previous breach and are usually perpetrated by bots in an attempt to gain access to other websites.

This is a major problem for businesses, with threat actors using as many as 65,000 IP addresses for a single attack. Now though identity platform Auth0 is launching a new Bot Detection feature that it claims can reduce the effectiveness of a credential stuffing attack by as much as 85 percent.

Auth0 has found that threat actors can and do change their attack strategies in  minutes to bypass a security control. More than 80 percent of companies say it's difficult to detect and respond to attacks.

Bot Detection correlates many data sources to identify and mitigate bot-driven attacks before login, and relies on a collection of risk signals and assessors that identify indicators of suspicious activity. This layered approach -- also known as defense in depth -- consists of multiple security capabilities, including Bot Detection, that effectively reduce the number of credential stuffing attempts and many other attacks.

At a high level, Bot Detection monitors IP addresses for non-suspicious events, such as successful logins; suspicious events, such as numerous failed login attempts across multiple accounts; and IP reputation data, which is used to identify known threat actors. When suspicious traffic is detected, a CAPTCHA step is added to complete a login request -- the system is designed to mitigate the majority of bot attacks targeting the login or registration flow. At launch, Auth0 will support customers using its Universal Login capabilities, with additional support for other systems in the coming months.

"We've seen an increase in the volume and sophistication of bot attacks over the last few years, and companies are investing more in their defenses," says Matias Woloski, CTO and co-founder at Auth0. "Being at the front door of applications with a service that secures more than 4.5 billion login transactions per month, we have a unique vantage point for quickly identifying and blocking suspicious activity before any damage is done. This is what makes Bot Detection very effective at preventing account takeover and reducing the load on DevOps and SecOps teams."

You can find out more about Bot Detection on the Auth0 blog.

Image credit: designer491 / Shutterstock