Taxonomy

The following is the Threat Profile and Threat Category Taxonomy for BotGuard for Applications. This provides insight into the classification of traffic and events on pages where the BotGuard for Applications product is deployed. Additionally it enables specificity on how to action (mitigate traffic) depending on the property where the event occurred and on the classification.

Threat Profile: Primary level taxonomy (Bot, Non Standard, or Valid). When Bot, action should be to block. When Non Standard, action will depend on property being targeted and risk tolerance. When Valid, action should be to allow.

Threat Category: Secondary level taxonomy to provide further detail on the associated threat.

Threat Profile

Reason Code

Threat Category

Bot - Evidence of automation or compromise

BOT

BOT-ENT_BVR

Abnormal Entity Behavior

BOT

BOT-API

API Abuse and Signal Evasion

BOT

BOT-BFA

Brute Force Attack

BOT

BOT-KNO_MAL

Known Botnets and Malware

BOT

BOT-KNO_SPD

Known Spider

BOT

BOT-RPA

Replay Attack or Manipulated Request

BOT

BOT-BOT

Sophisticated Bot

Non Standard - Not BOT, but significant deviations from organic traffic that may warrant investigation

NSD

NSD-ENT_BVR

Abnormal Entity Behavior

NSD

NSD-LOC

Abnormal Location

NSD

NSD-ANO_DEV

Anomalous Device

NSD

NSD-ANO_USR

Anonymized User

NSD

NSD-BAD_REP

Bad Reputation

NSD

NSD-INF_DEV

Infected Device

Valid - Neither BOT nor NSD

VAL

VAL-ALL_LST

Allow List

VAL

VAL-NEU

Neutral