Auth0, the identity platform for application teams, has launched Bot Detection, a new security feature that reduces the effectiveness of a credential stuffing attack by as much as 85%, with minimal impact on user experience.
Bot Detection is a powerful addition to the company’s expanding security portfolio, and works in tandem with Auth0 Breached Password Detection, Brute Force Protection and Multi-factor Authentication, to provide extensive mitigation against a variety of sophisticated threats, including automated attacks, account takeovers and phishing attacks.
Credential stuffing attacks often rely on stolen account credentials (username and password) from a previous data breach and are used to gain unauthorized access to user accounts on another website. This is executed via large-scale bot-driven attacks against the login flow and is an increasingly pervasive problem for enterprises.
“We’ve seen an increase in the volume and sophistication of bot attacks over the last few years, and companies are investing more in their defenses,” said Matias Woloski, CTO and Co-founder at Auth0.
“Being at the front door of applications with a service that secures more than 4.5 billion login transactions per month, we have a unique vantage point for quickly identifying and blocking suspicious activity before any damage is done. This is what makes Bot Detection very effective at preventing account takeover and reducing the load on DevOps and SecOps teams.”
Click below to share this article