Yes, our Bot Management system uses a variety of signals based on data collected inside the browser to determine if the browser is attempting to pretend it is a regular end-user browser. This includes low-level API fingerprinting around not just the presence of APIs, but also testing for quirks or bugs in implementation that only exist with real browsers.
Articles in this section
- How long are Instart Bot Management security events and analytics stored?
- Does Instart Bot Management help manage low-value bots that are not malicious?
- Can I turn Instart Bot Management rules on and off by myself?
- How does Instart Bot Management protect against session replay attacks?
- Can Instart Bot Management detect PhantomJS and headless Chrome pretending to be full Chrome or other browsers?
- What if bots are running a full version of the Google Chrome browser?
- We think we just have a bunch of humans attacking the site – can you help with that?