Chapter 6. Managing Threats to Data Confidentiality and Integrity

Data is the lifeblood of your business. Ensuring the confidentiality and integrity of that data means proactively managing and deterring the malicious bots and other threats that bombard your data-rich edge applications. In addition to scraping your sites or committing fraud, these bots (and the attackers who control them) are fully capable of finding and exploiting vulnerabilities in your web applications and APIs. Most exploits come with remote code execution, allowing hackers to gain a foothold within your sites and applications. After an attacker gains a foothold, they’re often fully capable of stealing your confidential data or affecting the integrity of your data by manipulating data fields. These footholds often have serious consequences and result in data theft and fraud.

Detecting and mitigating these malicious activities also helps maintain your brand reputation and preserve trust between your organization and its partner organizations and customers. Today, bot management tops the list when it comes to ensuring data confidentiality and integrity: eliminate malicious bots first. Your broader application security focus should also include a Web Application Firewall (WAF), Application Programming Interface (API) security solutions, and malware protection. These technologies are designed to block malicious traffic beyond what bots alone generate.

Bot Management ...
