Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:50 PM
Dark Reading
Dark Reading
Products and Releases

Kasada Announces General Availability of New V2 Platform

NEW YORK, NY -- March 16, 2021 -- Kasada, provider of the most effective and easiest way to defend against advanced persistent bot attacks, today announced the general availability of its new V2 platform. To address the increasing sophistication of bot attacks, Kasada has upgraded its platform to provide real-time defense against advanced bots that are left undetected by traditional methods. In its V2 release, Kasada has made several improvements that provide customers with an immediate and long-term approach to bot mitigation, without the need for burdensome maintenance. These include:

  • A 15x increase in client interrogation sensors, ensuring the stealthiest automation tools are detected
  • New proprietary obfuscation which deters reverse engineering attempts, making it extremely difficult and expensive for attackers to retool
  • An enhanced cryptographic challenge, wrecking the ROI of bot operations and helping to eliminate the need for CAPTCHAs

“Intruders continue to stay a step ahead of defenses - constantly evolving their tactics to create new bots that look and act like humans,” said Sam Crowther, founder and CEO of Kasada. “Stopping a bot attack and trying to prevent the next one with behavioral analysis is not effective. What is needed is a proactive approach, one that is constantly adapting alongside attackers, requiring automated bots to prove they’re from a source controlled by a human.”

Kasada’s new V2 defense platform is a modern anti-bot solution that stops attacks by preventing them from entering an organization’s infrastructure in the first place - and does so without reliance on rules, heuristics, or risk scoring. Legacy detection systems let automated requests in first to look for suspicious activity - but, by then, it’s already too late. By adhering to a zero-trust philosophy, Kasada detects and stops malicious automation from the very first request, before it can do any damage. As bot operators evolve their tactics, including the use of new bots never seen before, Kasada detects with precision in real-time.

“A different approach to bot mitigation is long overdue,” added Ed Amoroso, CEO at TAG Cyber. “To stay one step ahead of bots, you need to immediately prevent new stealthy tactics from doing damage - while also halting their long-term attempts to reverse engineer and bypass your defenses. Kasada frustrates, deceives, and makes attacks too costly to conduct.”

The economics and ease with which bots can be used make it highly profitable to conduct automated attacks at scale. Through Kasada’s use of mitigative actions and exponentially difficult cryptographic challenges, attackers are frustrated, and their financial incentive is destroyed as the cost to conduct an attack increases.

“Kasada’s bot defense platform helps us prepare for whatever the latest tactics and attacks are, stop them before they can cause any damage, and deter future attempts to infiltrate our operations,” said Howard Blumenthal, senior director eCommerce, Kaman Distribution Group. “Put simply, Kasada works.”

Kasada’s V2 improvements include:

  • Increase in Interrogation Sensors for Advanced Bot Detection - Kasada has increased its client interrogation sensors by 15x, accurately detecting the use of Puppeteer and Playwright, stealth plugins, and other similar headless browser automation tools. For mobile apps, it has also incorporated new detections for Android emulators and iOS simulators. These developer tools help attackers fly under the radar of traditional bot mitigation approaches that look for known suspicious behaviors first, instead of identifying the presence of bot-driven automation itself.
  • Unique Obfuscation Method Resistant to Retooling - Instead of relying on weak obfuscation methods or open-source JavaScript tools that can be deciphered easily, Kasada pioneered its own patented technology that dramatically slows any retooling or reverse-engineering attempts. Kasada’s lightweight software obfuscates its defenses by using its own proprietary interpreter.

Traditional bot mitigation solutions lose their efficacy over time because the motivated adversaries - the humans behind the bots - are able to reverse engineer defenses. Kasada retains its efficacy by making retooling time-consuming and frustrating, encouraging bot operators to move on to more profitable ventures.

  • Enhanced Ability to Strike Back - Kasada uses sophisticated cryptographic challenges to further impede bots. Designed to wreck the ROI of bot operations, the challenge has been enhanced and now uses new advanced mathematical models to prevent bot attacks. This process also eliminates the need for CAPTCHAs, which have been shown to be an ineffective tool for validating humans.
  • More Efficient and Cost-Effective Data Storage for Threat Intelligence - By exporting its data into any observability platform or SIEM, organizations can combine Kasada data with other sources to comprehensively analyze the human, good bot, and bad bot traffic, providing real-time threat intelligence and business insight. Aggregate data volume has been decreased by up to 70%, without losing any information, greatly reducing the cost to store granular log data.

Interested parties can learn more about Kasada’s enhanced platform and watch a 1-minute video.

About Kasada

Kasada is the most effective and easiest way to defend against advanced persistent bot attacks across web, mobile, and API channels. With Kasada, trust in the Internet is restored by foiling even the stealthiest cyber threats, from credential abuse to data scraping. The solution invisibly stops automated threats while inflicting financial damage to attackers, destroying their ROI. With the ability to onboard in minutes, Kasada ensures immediate and long-lasting protection while empowering enterprises with optimal online activity. Kasada is based in New York and Sydney, with offices in Melbourne, San Francisco, and London. For more information, please visit www.kasada.io and follow on Twitter, LinkedIn, and Facebook.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-16
A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions <...
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.
PUBLISHED: 2021-04-16
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.
PUBLISHED: 2021-04-16
SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.php in the `Pugin library - delete` module.