Bot Manager vs. WAF: Why You Actually Need Both


Blog Post by Ben Zilberman, Radware

July 28th, 2020

Malicious bots account for nearly a quarter1 of all web traffic (what a load right? Think how much you could save had you eliminated it…) and 88% of organizations have suffered hacking attempts against web applications. Websites and mobile apps are two of the biggest revenue drivers for businesses and help solidify a company’s reputation with tech-savvy consumers. However, these digital engagement tools are coming under increasing threats from an array of sophisticated cyberattacks, including bots.


While a percentage of bots are used to automate business processes and tasks, others are designed for mischievous purposes, including account takeover, content scraping, payment fraud and denial-of-service attacks. Often, these attacks are carried out by competitors looking to undermine a company’s competitive advantage, steal information or increase your online marketing costs.

When Will You Need a Bot Detection Solution?

Sophisticated, next-generation bots can evade traditional security controls and go undetected by application owners. However, their impact can be noticed, and there are several indicators that can alert a company of malicious bot activity:




Why a WAF Is not an Effective Bot Detection Tool

WAFs are primarily created to safeguard websites against application vulnerability exploitations like SQL Injections, cross-site scripting (XSS), cross-site request forgery, session hijacking and other web attacks.


A challenge – and value – in a Web Application Firewall (and one should carefully evaluate it), is the ability to keep up with changes to applications and user profiles. 70% of applications are changed at least on a weekly basis2 and WAFs should be able to tune themselves automatically and deliver continuous security


As far as bot traffic, WAFs typically feature basic mitigation capabilities and can block bots based on IPs or fingerprinting the browser or user agent generating repetitious requests. However, WAFs fall short when facing more advanced, automated threats. Moreover, next-generation bots use sophisticated techniques to remain undetected, such as mimicking human behavior, abusing open-source tools or generating multiple violations in different sessions. Against these sophisticated threats, WAFs won’t get the job done.

The Benefits of Synergy

As the complexity of multi-vector cyberattacks increases, security systems must work in concert to mitigate these threats. In the case of application security, a combination of behavioral analytics to detect malicious bot activity and a WAF to protect against vulnerability exploitations and guard sensitive data is critical.




Moreover, many threats can be blocked at the network level before reaching the application servers. This not only reduces risk, but also reduces the processing loads on the network infrastructure by filtering malicious bot traffic.

Working Together to Protect Web Applications

Web Applications are attacked around the clock, and the attackers have all the time in the world to try to figure out new ways to breach your websites and cause havoc. Partnering with a leading CDN vendor such as Limelight can further protect the integrity of applications by providing accurate and advanced cloud-based protection to ensure an always-secure online experience for customers.


Radware services on the Limelight Platform combats the sophistication of today’s attacks without sacrificing performance for security. Dynamic protection policies are automatically generated by application mapping of protected apps, to detect changes whenever new are features are added or modified and identify potential vulnerabilities.


For more info on Radware security services see www.radware.com/products/cloud-services/.


For more info on Limelight’s Cloud Security Service see www.limelight.com/products/cloud-security/.