Overview of New BotManager Features: Protecting Your Business from Malicious Bots, dynamic URL with AI Scoring
Summary
AI-powered features have been newly introduced to BotManager, including AI Scoring, AI Assistant, and AI Policy Recommendations.
By leveraging dynamic URLs, it fundamentally blocks direct API call attacks based on network packet analysis.
It also provides detailed statistics on credential-based attacks, such as Credential Stuffing (account takeover) and Password Spraying attempts.
What is BotManager?
It is a solution that identifies and blocks malicious bot macros that blend into real user traffic, distort key business metrics, and increase server load.
Performs real-time analysis of incoming traffic at the identifier level
Detects malicious bots hidden within legitimate user traffic that undermine fairness and contaminate data, and blocks them based on configured policies
Ensures only legitimate traffic enters the system, preventing distortion of business metrics
Blocks malicious bot traffic to reduce unnecessary load, prevent server disruptions, and optimize infrastructure costs
What are the 5 new features?
Feature | Key Role | Key Benefit |
AI Scoring | Automatically analyzes risk at the identifier level and suggests recommended actions | Shortens the detection-to-response cycle |
AI Assistant | Enables natural language queries to review block history and policy status | Allows even non-experts to quickly understand and act |
AI Policy Recommendations | Automatically suggests thresholds and policies based on 7-day data | Eliminates the burden of manual tuning |
Dynamic URL & Obfuscation | Dynamically transforms URLs per session and obfuscates frontend code | Prevents direct-link bypass and disables macro-based attacks |
Account Takeover Attack Defense Statistics | Behavioral Analysis of Account Takeover Attacks + Statistical Insights | Account Takeover Detection & Prevention |
1. AI Scoring
Enhanced Risk Scoring Capabilities:
AI analyzes request patterns at the individual identifier level (login ID, session ID, IP)
automatically assigns a three-tier risk score—Low, Medium, or High.
Decision Rationale (Key Findings):
Goes beyond simple policy violation checks to interpret the actual threat posed by the traffic.
Detects anomalies in request velocity
Identifies signs of automated click patterns
Analyzes deviations from normal user behavior
Provides actionable threat insights such as:
‘This IP is highly likely using automated scripts to crawl specific endpoints.’
Recommended Actions:
Provides concrete, immediately actionable responses tailored to the detected threat type.Introduces actionable measures such as CAPTCHA enforcement
Restricts access to specific URLs
Applies additional authentication steps
Significantly shortens the entire cycle from threat detection to response.
2. AI Assistant
Improved Accessibility with a Chat-Based Interface: Designed as a conversational interface that allows users to query and analyze security data using natural language. Users can quickly check blocked IPs, detection policy status, block history, and root causes—without the need for SQL queries or dashboard training.
3. AI Policy Recommendations
Introduction of Data-Based AI Recommendation Features:
Based on collected data
Threshold adjustments
Policy activation status
Removal of unnecessary policies
It automatically suggests macro detection policies, reduces the burden of manual policy tuning for operators, and supports data-driven decision-making.
Operators can use the following features:
Check recommended thresholds calculated based on 7 days of traffic data
Apply policies according to strategy (Conservative – Balanced – Aggressive)
4. Dynamic URL & Obfuscation
BotManager’s URL obfuscation feature provides the following capabilities:
Dynamic URL Transformation
URLs are dynamically changed per session, fundamentally blocking direct API call attacks based on packet capture
Effectively defends against automated bots, scraping, and unauthorized crawling
Frontend Code Obfuscation
Transforms code into an obfuscated format that is difficult for humans to read or analyze
Prevents attacks such as service logic analysis, direct function calls, and attempts to bypass security solutions
Provides a multi-layered defense that is difficult for attackers to predict or analyze—directly countering direct-link bypass in ticketing sites and neutralizing macro-based attacks.
5. Account Takeover Attack Defense Statistics
Enhanced Detection and Blocking Capabilities: Enables detection and mitigation of account takeover attacks through dynamic behavioral analysis, while providing dedicated statistical insights for these attack patterns.
Attack Type | Description | Detection Threshold |
Credential Stuffing | Automated attacks that test large volumes of leaked ID/password pairs using bots | Number of ID/password combinations |
Password Spraying | Attacks that repeatedly try multiple passwords across a small number of accounts to avoid lockouts | Number of password attempts |
FAQ
Q. How is AI Scoring different from traditional rule-based detection?
A. Rule-based detection only identifies predefined conditions (e.g., exceeding N requests per minute), whereas AI Scoring analyzes multiple signals—such as request velocity, click patterns, and behavioral profiles—to provide contextual threat assessment along with recommended actions. It can also respond to previously unknown automation patterns.\
Q. What types of attacks do dynamic URL and obfuscation prevent?
A. By dynamically transforming URLs on a per-session basis, it fundamentally blocks bot attacks that attempt direct API calls via captured network packets. In addition, frontend code obfuscation prevents service logic analysis, direct function calls, and attempts to bypass security solutions—effectively countering direct-link bypass in ticketing sites and disabling macro-based attacks.
Q. What is the difference between Credential Stuffing and Password Spraying?
A. Credential Stuffing involves automatically testing large volumes of leaked ID/password pairs, while Password Spraying attempts multiple passwords across a small number of accounts to avoid account lockouts. BotManager detects and blocks both attack types through dynamic behavioral analysis and provides detailed, attack-specific statistics.
Q. How often are AI policy recommendations updated?
A. Recommendations are calculated based on the most recent 7 days of traffic data. Operators can choose from conservative, balanced, or aggressive strategies and immediately apply the suggested thresholds.