Introducing a web security ACL to block based on device fingerprints

Distil Networks, Inc., a bot detection and mitigation company, has announced a web application security Access Control List (ACL) platformA to block based on device fingerprints, providing a more effective way for website defenders to manage and apply whitelists and blacklists across their online applications.

'A key piece of feedback we got from our Bot Defense Council was that they were spending too much time managing ACLs in their firewall or WAF, so we set out to reimagine what a modern ACL could be,' said Rami Essaid, CEO of Distil Networks. 'Traditionally, ACLs have been centered around IP addresses, but Advanced Persistent Bots simply rotate through IP addresses or hide behind proxy networks. With our Universal ACL, customers can set a policy with a very specific set of information, then apply it to a specific path, domain or API. They can even put someone in a 'penalty box', which can then automatically deprecate after say 48 hours. There's no need to worry about what IPs are associated with, say North Korea. We manage all that for you. This is the easy button for controlling how you whitelist and block different types of traffic hitting your websites and APIs.'

While ACL creation and updating has typically been time consuming and hard to manage, Distil's Universal ACL offers a policy-based approach for effective time management, visibility, and control. Customers can create a universal ACL policy, which they can then apply to a specific domain, URL/path, API, or across their entire Distil Networks account.

Unlike traditional ACLs that are limited to IP addresses, the ACL enables whitelisting or blacklisting based on any combination of IPs, countries, organizations, tokens, hi-def fingerprints, user agents, and referrers. Distil also shields users from the tedious task of managing IP drift. For example, instead of uploading and maintaining a list of IPs that correspond to unwanted traffic from a nefarious organization, hosting provider, or country, the ACL provider updates the corresponding IPs automatically behind the scenes.