Integration Lifecycle

This page provides an overview of the lifecycle of an BotGuard for Applications integration.

Discovery

Our team will meet with your team to understand your system, threat models, and the best path of integration (e.g. Non-Interactive, Passive or Active). Aligning early will ensure integration and relationship success.

Business Questionnaire

Our team will share a Business Questionnaire where you will confirm the surfaces (i.e. pages and forms) on your website that will be protected. We might ask you to schedule a meeting to go over these.

Technical Questionnaire

Our team will share a Technical Questionnaire with you, where you’ll indicate which optional parameters you intend to send via tag parameters and Mitigation API request. The more data you send, the better your Detection results will be. We might request a live meeting to review the completed questionnaire.

Integration

All components of the integration can be done in parallel.

Detection Tag

All integrations require the Detection Tag to run.

CNAME

Implement CNAME DNS record changes in your system. One of our Solutions Engineer will provide you with the records to create. On your side, choose a suitable subdomain to use. Don’t use anything related to bots, fraud, or abuse. Good subdomain examples include ts1.[domain].com, rose.[domain].com or zy.[domain].com.

Setup

After the Technical Questionnaire is complete, our team will provide a Detection Tag. This tag will contain a tag ID and a client ID that are unique to you. You'll follow the Detection Tag Guide to set up the tag and inform the Customer Success team once you’ve done so.

Validation

Once the tag is up, the Customer Success team will check and confirm that the tag is set up properly.

Mitigation API

Passive and Active integrations require a server-to-server call to the Mitigation API.

Setup

After the Technical Questionnaire is complete, you'll follow the Mitigation API Guide to make requests to the Mitigation API from your backend server code. Our team will provide an API key to use for authentication.

Validation

Once integration of the Mitigation API is complete, the Customer Success team will check and confirm that the integration is running properly.

Reporting API (optional)

If you’re interested in using our Reporting API, please coordinate with your Customer Success team and reference Reporting API documentation. It is possible to do this in parallel with other implementation efforts.

Data Monitoring

Once the integration phase is complete, our team will monitor the data coming through from your integration and use that information to further ensure that the integration has accounted for any nuanced to your use-cases. During this time, our team may provide more feedback on how to optimize the integration or to share some initial insights into bot traffic. This period will usually last around 1-2 weeks.

Trial Phase (optional)

If you have signed up for a Proof-of-Concept project with us, you will go through a trial phase after Data Monitoring. The trial phase is a 3-5 week period during which you will evaluate the performance of the Application Integrity solution. During this phase, you should expect the following:

  • Regular meetings to review data, address questions and share feedback
  • You’ll provide our team with your own detection data for us to review. This might consist of just giving us a list of False Positives/False Negatives.
  • Our team will share more detailed findings either once (at the end of the trial phase) or twice (a lightweight presentation at the mid-point and a more robust one at the end).

Wrap-Up

At the end of the trial phase, we’ll do a formal wrap-up with your team and deliver an analysis of the bot behavior we experienced. This presentation will be Delivered by our Detection team and will contain actionable insight for you. Next steps after that will be discussed with your Sales representative.

Go Live

Once you are finished with the regular integration, or after the conclusion of the trial phase, we’ll move to the Go-Live phase. This is when you’ll deploy our solution on your website to cover the entirety of the traffic that visits your chosen surfaces. At this point, it is expected that if you’ve chosen our Active solution, you will start acting upon the Mitigation API responses.