DataDome offers protection for Web servers and the accounts that are held on them. This includes employee accounts for all businesses and customer accounts for eCommerce enterprises.
The DataDome system can protect websites, mobile apps, and APIs. The tool is a cloud-based service and it is deployed as a plug-in. You activate protection by DataDome by including a line in the code of your Web applications. Essentially, this is a function call. Commencing with the system requires a consultation with a DataDome analyst, who will look at your Web applications and advise where that line of code should be inserted.
DataDome protection
The DataDome service offers protection against:
- DDoS attacks
- Server overloading
- Scalping and inventory hoarding
- Fake account creation
- Credential stuffing
- Card fraud
- Card cracking
- Vulnerability probing
- Scraping
- Account takeover
Many of these types of attacks are performed by bots. A bot is an automated process that attacks other computers. The bot software can be resident on a cloud server account or it can be installed on a computer without the knowledge or permission of the device’s owner through malware infection.
DataDome protection modes
DataDome has fifteen types of protective action. Each of these can be adjusted like a graphic equalizer adjusts the different channels in a stereo system’s output. Just as a graphic equalizer has pre-set, the DataDome system offers four defense modes for protecting businesses when they are in specific phases of activity. These are:
- Balanced Protection Mode The default setting aims to protect against bot attacks and online fraud.
- Flash Sales Protection Mode Amps up the fraud settings by implementing visitor behavior analysis and throttles access to those outside the target geographical area of the sale.
- Breaking News Protection Mode Expects increased traffic generated by publicity and also increases defenses against DDoS attacks.
- Under Attack Protection Mode High-security procedures to switch on when an attack is underway. This mode would restrict access to some genuine visitors so should only be used for short periods.
Beyond those four modes, the system administrator can blend the levels of the 15 security protection measures to blend a custom solution.
DataDome usage
DataDome doesn’t pre-filter Web traffic. It offers an assessment service for connection requests and incoming Web traffic. The system that it services, reaches the function call for DataDome at the point that it receives a packet.
DataDome performs its checks on the arriving packet and returns a straightforward response to accept or reject the connection. Although potentially, the system can run through 15 different testing processes, the average time that the referral takes is 2 ms. However, settings that turn on all tests will cause greater delays.
The fact that the full service will slow down your traffic explains why users will fine-tune the settings of the service and only request the tests that are relevant to the specific circumstances of the protected system. Not all sites will need card fraud prevention systems or shopping cart defense services. The threat of DDoS attack or server overloading is going to be greater for some Web services. So, the ability to selectively adjust the service to bring in different protection methods extends the target markets that the tool would suit.
DataDome prices
DataDome is offered in three editions. These are:
- Business
- Corporate
- Enterprise
All plans are priced by subscription with an annual rate and a monthly rate. The prices are:
- Business – $3,890 per month or $35,880 per year ($2,990 per month)
- Corporate – $7,790 per month or $$71,880 per year ($5,990 per month)
- Enterprise – Priced by negotiation
The prices are high, but the service has an impressive client list that includes the New York Times, TripAdvisor, and McDonald’s.
DataDome can be assessed with a demo or by accessing a 30-day free trial.
DataDome strengths and weaknesses
DataDome is an impressive system and it has attracted some very large and savvy clients. We have assessed the service and identified some pros and cons about its package.
Pros:
- Flexible service with 15 adjustable assessment methods
- Four pre-set controls
- Protects mobile apps and APIs as well as websites
- Fraud protection
- Bot blocking
Cons:
- Very expensive
- Doesn’t reduce traffic load on a Web server
Alternatives to DataDome
DataDome is an interesting service, its fraud protection systems combined with bot blocking processes makes it an ideal solution for eCommerce businesses. The fact that it also protects mobile apps is another plus. However, it is a very expensive service and its operating model of advising Web servers means that it doesn’t lighten a load of heavy traffic in situations such as DDoS attacks.
The blend of fraud protection and bot blocking is fairly unique. However, there are some very strong rivals to DataDome on the market.
Our methodology for selecting an alternative to DataDome
We reviewed the market for bot detection and blocking systems like DataDome and analyzed the tools based on the following criteria:
- The ability to distinguish between automated traffic and genuine visitors
- Behavior tracking to identify fraud or account takeover
- A system that can be adapted for different protection requirements
- Possible data security standards auditing and reporting
- Fast processing speeds
- A free trial or a demo for a cost-free assessment
- Value for money, represented by a combination of services offered at a fair price
With these selection criteria in mind, we looked for SaaS packages that can protect websites, mobile apps, and APIs from attack.
Here is our list of the five best alternatives to DataDome:
- Cloudflare Bot Manager EDITOR’S CHOICE A cloud-based bot protection system that is offered in bundles that include analytics, a content delivery system, DNS services, and a free SSL certificate. This system is offered in free and paid editions.
- Indusface AppTrana Web Application Firewall (FREE TRIAL) A cloud-based package of website protection services that includes bot blocking, vulnerability management, application security, and fraud prevention.
- Reblaze Bot Management A SaaS platform that acts like a proxy server to remove harmful traffic before it reaches the server.
- Radware Bot Manager A plug-in package that provides a request assessment service and blocks hacker activity.
- ClickCease A cloud-based service that protects against bot-driven click fraud and volume attacks.
You can read more about each of these options in the following sections.
1. Cloudflare Bot Manager
Cloudflare is a widely-used edge service for Web applications. The company started out offering DDoS protection, which was – as still is – the most damaging bot activity against websites. The company expanded its services to include a DNS system and a content delivery network (CDN). Now, this cloud platform provides packages of essential services to Web applications.
Key Features:
- Constant availability
- DDoS protection
- Browser fingerprinting
- DNS management
- Content delivery network
Why do we recommend it?
The Cloudflare Bot Manager uses a variety of methods to generate a fingerprint of the source of each request that arrives at your Web server. The Cloudflare system is a proxy server, so traffic passes through it on the way to your Web server and other services in the same Application Security and Performance package include DDoS blocking, SSL certificate provision and management, and a content delivery network.
The key to Cloudflare’s success lies in its free package. The company has partnered with Web hosting providers to offer this entry-level bundle of essentials to every new eCommerce entrepreneur. This gives the company a very large client base. Although many startups fall by the wayside, those winning Web businesses that survive and thrive tend to stick with Cloudflare as they grow.
Cloudflare performs a form of DNS hijacking to get the traffic for a site or service to go to its servers. The company has more than 200 data centers located around the globe. This enables the service to offer a CDN that goes beyond traffic filtering for Web server protection. Cloudflare takes a copy of a protected website and hosts it at many (but not all) of its globally dispersed data centers. That means the original server is only accessed by Cloudflare for update checks. It becomes a master copy.
Cloudflare ensures continuity by switching over the presentation of a website from one data center to another if one server goes offline or gets overloaded. This global load balancing means that your site is permanently available.
Cloudflare maintains a blacklist of attackers that goes beyond just storing IP addresses. The service uses browser fingerprinting that searches several factors about the browser and a host computer that provides a more precise identifier than an IP address.
The Cloudflare system can identify all forms of automated Web activity that emanate from bots. This includes content scraping, inventory hoarding, credentials stuffing, and spam email.
The entry-level plan from Cloudflare is Free.
Who is it recommended for?
Cloudflare is a very effective marketer and offers a Free plan to new website owners. This is delivered in conjunction with Web hosting services, so the company gets ahead of the market, stitching its services into new websites that could very well grow. Established companies that want more capacity can choose a paid plan.
Pros:
- Blocks scraping, credentials stuffing, and inventory hoarding
- DDoS protection
- Optimization and fast transmission
- Protected DNS service
- Free SSL certificate
Cons:
- Extensive checks on flagged visitors can take a long time to complete
EDITOR’S CHOICE
Cloudflare Bot Management is our top pick for an alternative to DataDome because it is the leading bot management system available in the world. The service doesn’t include the fraud checks of DataDome but it offers a CDN and SSL protection, which aren’t included in the DataDome package. The offer of Cloudflare’s bot protection, CDN, DNS service, and SSL management for free is unbeatable.
Get started for free: https://www.cloudflare.com/plans/free/
Operating system: Cloud-based
2. Indusface AppTrana Web Application Firewall
Indusface AppTrana is a combined firewall and vulnerability scanner and this package is delivered from the cloud. The AppTrana system operates as an edge service, standing between the protected Web server and the outside world. While receiving traffic and filtering out malicious activity, it also looks back to the Web server and scans it for weaknesses.
Key Features:
- Bot protection
- Vulnerability scanning
- Activity tracking
- Cloud-based
Why do we recommend it?
Indusface AppTrana Web Application Firewall implements protection for Web applications and APIs. The service is available as a cloud SaaS package that receives all traffic before it gets to your Web server and filters out threats. These functions include a bot detection system. The Indusface platform also provides a SIEM and a virtual patching service.
The Indusface system ensures that all the technical features that support your site are unassailable. The system performs behavior tracking for application activity, so it is also able to identify damaging activity, such as click fraud and inventory hoarding.
AppTrana operates a CDN, which means that the load on your servers will be almost non-existent. As traffic passes through this proxy server, the AppTrana system deploys AI-based machine learning systems to identify harmful activity. This application-level examination of traffic can identify bot activity by its behavior rather than by its source or traffic types. With this feature, the AppTrana system can eradicate a range of harmful activities, such as click fraud, account takeover, inventory hoarding, and card fraud.
There are two plan levels for AppTrana. The first of these offers all of the protection services described above. This is called AppTrana Advance. The higher plan, AppTrana Premium, is a fully managed service and is suitable for large organizations that don’t want to hire their cyber security experts. You can examine the system by accessing a 14-day free trial of AppTrana.
Who is it recommended for?
Indusface AppTrana is a competent service but, like all of the tools on this list, it is in competition with Cloudflare, which is a tough market leader to catch up with. The upper plans of this service include vulnerability scanning and threat detection plus a patching service. This combination of services provides value for money.
Pros:
- Option for a fully managed service
- Detection for bot activity within a website
- Fast delivery of Web content
- Constant availability
Cons:
- No on-site version
3. Reblaze Bot Management
Reblaze Bot Management is a proxy service that offers traffic filtering to protect your Web servers. The biggest attraction of this service is its lightning speed. It can perform all of its tests on an incoming packet at an average speed of 0.5 milliseconds. That compares to 2 milliseconds for DataDome.
Key Features:
- Fast scanning
- DDoS protection
- Four levels of security checks
Why do we recommend it?
Reblaze Bot Management provides traffic assessments four times faster than DataDome. As response times are crucial to websites and mobile apps, that factor could be the feature that swings your purchase away from DataDome to the Reblaze service. The bot detection process is a four-phase system that includes behavior analysis and profiling/fingerprinting.
Reblaze is a self-hosted system but you don’t install it on your site. Instead, it runs on a cloud account with AWS, GCP, or Azure, among others. This deployment strategy gives you maximum control but with complete offloading and keeps your Web servers safe from overloading.
Your installation acts as a front end to the worldwide Reblaze system. So, this service is partly in hand and partly hosted. The data centers of Reblaze with cache your website, performing a CDN service.
The filtering tests that the Reblaze bot detection service performs include behavior analysis, so it can spot activity irregularities that enable it to block click fraud, account takeover, and impersonation attempts.
The Reblaze dashboard provides activity reports that don’t just show you where attacks have come from, but also offer valuable marketing insights. You can use this system to test new products and page layouts. Reblaze is available for a 30-day free trial.
Who is it recommended for?
This package is suitable for mid-sized and large operators of websites and mobile apps. Reblaze doesn’t publish a price list, which is a big detraction for small businesses. This tool is fast and effective and it can also cannel traffic from IoT devices.
Pros:
- Activity tracking and fraud blocking
- Logging and market analysis
- Combination of in-house and managed hosting
Cons:
- No published price list
4. Radware Bot Manager
Radware Bot Manager offers a similar deployment strategy to that implemented by DataDome. The processing service is hosted in the cloud but you access it by adding a line of code to your website, mobile app, or API. This function call returns a status advisory that tells the Web server whether to pass or block the incoming packet.
Key Features:
- An off-site service accessed through a plug-in
- Application-level assessments
- DDoS identification
Why do we recommend it?
Radware Bot Manager is a payment and purchasing fraud protection system, while also protecting Web assets from attack. The bot manager is included in a plan with a CDN, DDoS blocking, click fraud prevention, and Web scraping detection. The tool is implemented as an API that is called within a Web page.
The Radware system uses AI to spot application-level attacks, so it doesn’t just rely on factors such as the source or form of each incoming packet. This behavior analysis allows you to block a range of bot activities, not just DDoS attacks.
Despite being accessed through a plug-in, this system offers a range of protection options for system administrators to choose from. These include a confounding strategy of sending back a notification that the address wasn’t reached to persuade the bot controller to drop that Web asset from their victim lists. It is also possible to add in a reCAPTCHA challenge to block bots.
Radware offers a Web application firewall and the bot management service can be added to that. The WAF is hosted but you can opt to install it on your site as a virtual appliance. Radware Bot Manager is available on a 30-day free trial.
Who is it recommended for?
This system isn’t a proxy service and so it won’t be very elective at blocking DDoS attacks because your Web server can be overwhelmed while checking each superfluous request. The tool includes a deception strategy of sending back a Page Not Found notification. Radware doesn’t publish a price list.
Pros:
- Fast assessments
- Fight back option
- Can be integrated into a Web application firewall
Cons:
- Your Web server still has to process all incoming traffic
5. ClickCease
ClickCease focuses on click fraud and offers proof for those who want to claim refunds from Google Ads and Facebook Ads. Although ClickCease has a bot detection strategy, it isn’t designed to manage defenses against traffic-based bot activity, such as DDoS attacks, so you would probably use this service in conjunction with another bot blocker – the free Cloudflare service, for example.
Key Features:
- PPC budget maximization
- Fraud proof for refund claims
- Easy to implement
Why do we recommend it?
ClickCease is a click fraud blocker that is a good defense against advertising networks that bump up their fees through bot-driven actions. The tool also prevents competitors from messing up your inventory by filling up carts and then abandoning them or by clicking in irregular places to mess up your real user monitoring statistics and marketing analysis.
ClickCease points out that 20 percent of all clicks on websites are fake and drive up the cost of pay-per-click advertising. The service can also spot competitor actions, activist “cancel” campaigns, and accidental clicks. The ClickCease package aims at helping you get the most out of your PPC budget by only allowing intentional clicks from potential customers to count on your metered ad account.
Like DataDome, ClickCease is implemented through a plug-in line in your web pages. The service uses a combination of its blacklist and behavioral analysis to spot fake clicks on a page.
ClickCease is offered in two plans, which are Standard for a single domain and Pro for unlimited domains. Try out the system and see if it will pay for itself by accessing a 7-day free trial.
Who is it recommended for?
This is a great service and the company’s advertising campaign shows that the team has an enthusiastic sense of fun. The issue of click fraud is serious and the company does its job well. It’s marketing strategy is very intense and once you visit the Clickease site, you will find you are followed around the Web by its targeted advertising.
Pros:
- Includes Ad-spy to analyze competitor advertising strategies
- Good for small businesses
- Integrates well with content management systems, such as WordPress
Cons:
- Doesn’t offer DDoS protection