SOURCE: Distil Networks

Distil Networks

February 02, 2017 09:00 ET

Distil Networks Releases Web Application Security Industry's First Access Control List to Leverage Device Fingerprints

Distil Universal ACL Offers a Policy-Driven, Easy-to-Manage Approach, Eliminating the Pain of Managing and Updating Longs Lists of IP Addresses

SAN FRANCISCO, CA--(Marketwired - February 02, 2017) - Distil Networks, Inc., the global leader in bot detection and mitigation, today announced the web application security industry's first Access Control List (ACL) to block based on device fingerprints, providing a more effective way for website defenders to manage and apply whitelists and blacklists across their online applications.

"A key piece of feedback we got from our Bot Defense Council was that they were spending too much time managing ACLs in their firewall or WAF, so we set out to reimagine what a modern ACL could be," said Rami Essaid, CEO of Distil Networks. "Traditionally, ACLs have been centered around IP addresses, but Advanced Persistent Bots simply rotate through IP addresses or hide behind proxy networks. With our Universal ACL, customers can set a policy with a very specific set of information, then apply it to a specific path, domain or API. They can even put someone in a 'penalty box', which can then automatically deprecate after say 48 hours. There's no need to worry about what IPs are associated with, say North Korea. We manage all that for you. This is the easy button for controlling how you whitelist and block different types of traffic hitting your websites and APIs."

While ACL creation and updating has typically been time consuming and hard to manage, Distil's Universal ACL offers a policy-based approach for effective time management, visibility, and control. Customers can create a universal ACL policy, which they can then apply to a specific domain, URL/path, API, or across their entire Distil Networks account.

Unlike traditional ACLs that are limited to IP addresses, the Distil Universal ACL enables whitelisting or blacklisting based on any combination of IPs, countries, organizations, tokens, hi-def fingerprints, user agents, and referrers. Distil also shields users from the tedious task of managing IP drift. For example, instead of uploading and maintaining a list of IPs that correspond to unwanted traffic from a nefarious organization, hosting provider, or country, the Distil Universal ACL updates the corresponding IPs automatically behind the scenes.

"Bad bots have become increasingly more sophisticated," said Dan Davis, VP of technology at Build.com. "But rather than trying to build something ourselves, we saw more value in partnering with bot mitigation specialists. We wanted more backend automation to thwart malicious bots, and reduce man-hours when whitelisting and blacklisting different types of traffic. Distil Networks lets us focus on being the best at selling the right home improvement products instead of playing IP whack-a-mole."

Additional Resources:

About Distil Networks

Distil Networks, the global leader in bot detection and mitigation, is the only proactive and precise way to mitigate bad bots across web applications, mobile and APIs. With Distil, you automatically block 99.9% of malicious traffic without impacting legitimate users. Distil Web Security defends websites against web scraping, competitive data mining, account takeovers, transaction fraud, unauthorized vulnerability scans, spam, man-in-the-middle attacks, digital ad fraud, and denial of service. Distil API Security protects public and partner-facing APIs against developer errors, integration bugs, automated scraping, and web and mobile hijacking. For more information on Distil Networks, visit us at https://www.distilnetworks.com or follow @DISTIL on Twitter.

Contact Information

  • Media Contact
    Lauren Hillman
    Kulesa Faul for Distil Networks
    P: 510-394-2145
    E: Email contact