Product guides

Bot Defender Detection Tuning

Suggest Edits

If you are integrating Bot Defender with your application, then HUMAN must complete the Tuning process. Tuning involves HUMAN directly adjusting your Bot Defender configuration for optimal bot detection for your organization’s unique system. By completing this process, your Bot Defender installation will have the most accurate possible rate of detection while continuing to distinguish legitimate activity.

🚧

Warning

Tuning is required for Bot Defender. If you do not complete Tuning, legitimate users may be blocked and see your Human Challenge at high rates, or attacks may not be consistently blocked.

Prerequisites

Before you can start Tuning, be sure you complete the following:

  • Integrate client-side: This integration lets HUMAN track traffic and activity on your domain or application.
  • Integrate server-side: The HUMAN Enforcer dictates how traffic should be handled. See our supported frameworks for the relevant installation articles.
  • Configure Enforcer custom configurations: While integrating your Enforcer, there are certain custom configurations that must be set for Tuning. Each framework may have different configurations, so be sure you reference the correct configuration article for your framework. The following examples are for Fastly.
    • Set sensitive routes: Configure the sensitive route to endpoints where payment information or personal information such as emails, usernames, or passwords are sent.
    • Set to monitor mode: Configure the module mode to monitor.

Start Tuning

Once these are complete, you can begin the Tuning process by sending a request through:

Once HUMAN receives your request, we will first conduct a health check to verify your integration is configured properly. If your check is successful, then we will share the projected timeline for your Tuning process.

During Tuning

After HUMAN receives your request, we will begin to map your application and your application’s activity to better understand its behavior. This is done to ensure that Bot Defender will best serve your organization’s unique needs. HUMAN utilizes a variety of signals that Bot Defender collects, such as user agents and IP addresses, to measure this activity.

📘

Note

We recommend completing the Tuning process while your Enforcer is in monitor mode. Monitor mode reports blocks, but does not act upon them. This ensures that HUMAN’s tested detection logics will not impact legitimate users.

If you switch the Enforcer to active blocking mode before Tuning is complete, you may block and send challenges to significant numbers of legitimate users.

Once we have mapped your application, we will also begin the continuous improvement process until your Bot Defender configuration achieves ideal behavior. This is where we begin to calibrate, or tune, your Bot Defender configuration over multiple iterations. During this process, you can expect:

  • An estimation on your Tuning process duration
  • Results gradually improving over time, where blocks may increase if we find that your system needs to be more aggressive or decrease if we find that legitimate users are impacted
  • Regular updates on outstanding findings in your Bot Defender configuration
  • The opportunity to give feedback on how you observe Bot Defender is performing and to make customizations based on your team’s needs

Wrapping up

Once our experts from the HUMAN team have reached the necessary level of confidence in the detection learning mechanism, we will notify you and your team that Tuning is complete. Then, you can switch your Enforcer to active blocking (or monitor) mode, and your Enforcer will start to act upon blocked behavior.

📘

Note

While Tuning is complete for your initial Bot Defender onboarding, we recommend requesting Tuning again two weeks before you make the following changes: new endpoints, changes to endpoint names, new domains, new web or mobile applications, or changing app IDs. However, you should avoid app ID changes as much as possible.

If you’re unsure if any changes require Tuning, we encourage you to reach out to HUMAN Support.

Now, you’re ready to move on to Complete in the onboarding process!

Updated 5 months ago