Distil Networks is protecting the web from malicious bots with its newly announced Bot Defense for API solution. Bot Defense is designed to prevent malicious bots from accessing the API servers powering public-facing websites and mobile apps.

“While usage of APIs to drive web and mobile apps is exploding, the security of those APIs remains a grave concern, with 21% of APIs going live without any input from security professionals,” said Rami Essaid, CEO and co-founder of Distil Networks. “Distil believes that the benefits of APIs shouldn’t come at the expense of security, which is why we have released Bot Defense for Web API and Mobile Apps. Now, the API server that powers your website or mobile app is also protected against advanced persistent bots.”

According to the company, hackers use malicious bots to perform web scraping, brute force attacks, online fraud, account hijacking, data mining, unauthorized vulnerability scans, spam, digital ad fraud and downtime. Bot Defense verifies whether or not a person is trying to gain access through a verified browser or device in order to protect against these advanced persistent bots (APBs).

Key features in the Bot Defense for Web API include: hi-def fingerprint, a known violator database, client-side interrogation, browser-not-present detection, domain-specific and global machine learning models, and device-based rate limiting.

The mobile app APIs include: a mobile SDK, mobile token management, emulation detection, automation detection, reserve engineering detection and device-based rate limiting.

“Our technology verifies that humans, using verified browsers or mobile applications (on actual mobile devices) are allowed access. Every user is given a unique identifier and tracked using machine learning to ensure even the most crafty APBs are thwarted,” Peter Zavlaris, product marketing manager for Distil Networks, wrote in a post.