From web scraping and bypassing CAPTCHA challenges to engaging in nefarious activities like spamming, account takeover, credential stuffing, sniping and carding, automated bots have become the preferred tool for attackers, competitors and other adversaries looking to wreak havoc on your business. 

While there are security procedures to protect businesses against them, the actors behind these bots keep improving the automated programs to create even more advanced persistent systems that can accurately mimic human behaviour to evade detection when they attack. 

The Open Web Application Security Project (OWASP) created the OWASP Top 21 Automated Threats To Web Applications in response to this evolving threat. It’s designed to allow organisations to understand better and respond to the increased threats from automated bots.

Based on the OWASP list, this guide by Radware explores:

  • An overview of each automated threat in the OWASP
  • Mitigation capabilities to manage each threat
  • What a bot management solution should provide to stop them