For Craig Templeton, CISO & GM Group Technology Platforms at REA, dealing with content scrapers, service interruptions, or credential stuffing caused by bad bots at unconventional hours of the night, proved to be an inefficient way of conducting successful business.
REA had huge problems with bots; platform engineers at the group were constantly, and around the clock, dealing with mitigating security incidents and attempting to avoid service disruptions.
Bots flood the bandwidth of websites, rendering them slower or unavailable to legitimate users. After detailed analysis, the engineers at REA observed that their platform was being aggressively targeted by a fake Google bot coming from Germany. It had to be blocked. Craig explains:
"I went ok, come back to me on that… and after a week they said: can’t you just make it go away? It became evident to us that the walls weren’t the answer to this."
Perpetrators, including competitors, use DoS attacks to disrupt a website or even take it down. They can dynamically use multiple sources, which make it impossible to stop an attack by blocking a single IP address.
And, for REA group it doesn’t end there, they also discovered that there is a huge number of businesses feeding off their data. "Bot automation in itself is not always bad, but we prefer it to be on our terms," said Craig. "Overall, I would prefer to expose that data in a managed way rather than having someone indiscreetly managing it," he added.
The REA real estate platform has login portals making it vulnerable to credential stuffing. Craig calls this ‘the attack du jour’.
He adds:
"It got to the point that when you are worried about something that is highly automated and dynamic, rules-based security just collapses, and therefore you need to fight automation with automation."
Read more here
Join us February 26-27 for the Property Portal Watch Conference Bangkok 2020.
This week's Product Roundup starts with Avito (twice)... Europe: Avito partners with M2Data for listing verifications Avito Real Estate...
Read More
This week's funding and investment roundup starts with a major deal in Russia that could see a public flotation shortly......
Read More
Aurum Proptech, the parent company of India-based rental platform NestAway, posted INR2.6 billion ($31 million U.S.) in consolidated operating revenue...
Read More
Realtor.com has reported strong growth in traffic, engagement, and search visibility on a new blog post, citing recent data from...
Read More
