PerimeterX Bot Defender overview

PerimeterX Bot Defender is a behavior-based bot management solution that protects your web and mobile applications and APIs from automated attacks, safeguarding your online revenue, competitive edge and brand reputation.


PerimeterX Technology Platform Works With Your Existing Infrastructure

Bot Defender can be deployed anywhere with your existing infrastructure — no changes required. PerimeterX Technology Platform can be integrated into any website within minutes. Over forty pre-built integrations support a wide range of content delivery networks (CDNs), load balancers, web servers and application servers. The out-of-band mode of operation is compatible with any cloud-based, appliance-based or serverless infrastructure.

Best-in-class Bot Protection for Your Web Apps, Mobile Apps and APIs

Safeguard your business with industry-leading bot detection accuracy and customizable mitigation for web and mobile applications and APIs. Bot Defender uses a combination of fingerprinting, behavior-based and predictive methods to detect bots and stop hyper-distributed attacks.

Block and Mitigate Bots with Unmatched Precision

The machine-learning-based PerimeterX detector processes numerous data signals collected by the PerimeterX sensor. The detector generates behavioral fingerprints to detect anomalies and continuously updates the sensor with new intelligence. The PerimeterX enforcer is integrated inline with existing infrastructure to efficiently mitigate unwanted bot traffic based on the insights provided by the system and according to your business needs.

Preserve Page Load Performance and Minimize User Friction

Bot Defender preserves your real users' experience without sacrificing page load performance. The asynchronous execution of the sensor, out-of-band detector deployment, inline integration of the enforcer and extremely low false-positive rates ensure quick response times and a positive experience for your users.

Enable Your Team to Investigate, Analyze and Report

Bot Defender provides advanced investigation, analysis and reporting capabilities, enabling customization of parameters and policies according to your business needs.

Stay Secure with Always-available Proactive Experts

Our 24/7/365 proactive security team is always available via multiple channels, including email, phone and Slack. They function as an extension of your team, investigating and resolving security incidents with insights and expertise you can count on.


The PerimeterX Bot Defender architecture is based on the following three elements:

PerimeterX Sensor

PerimeterX JavaScript snippet is inserted on your website and loads the PerimeterX Sensor to your browser. The Sensor collects and sends data to analyze the user’s and device’s behavior as well as different network activities. The sensor analyzes the authenticity of the device and application, and tracks user behavior and interaction.

PerimeterX Detector

The cloud-based detector evaluates sensor and enforcer data in real-time using machine learning and behavioral analytics to create a risk score. The risk score identifies whether a user is malicious or not and is sent in a secure and encrypted token back to the user’s device.

PerimeterX Enforcer

A lightweight module that is installed on your choice of web application, load balancer or CDN and is responsible for the enforcement functionality of the PerimeterX solution.


How the blocking works

For each activity on the PerimeterX Enforcer, an async request is sent to the PerimeterX Detector. The PerimeterX Detector, in turn, sends a command to the PerimeterX Enforcer.
The command arrives via a cookie, or in the absence of one, as a synchronous s2s request (similarly to cases such as cookie expired, cookie validation/decryption failed, sensitive route, etc.)
The command contains the appropriate course of action (allow, block, challenge, etc)