OWASP Automated Threats

Perform actions to hasten the progress of usually slow, tedious or time-consuming actions.

What is Expediting?

Using speed to violate explicit or implicit assumptions about the application’s normal use to achieve unfair individual gain, often associated with deceit and loss to some other party.

In contrast to OAT-016 Skewing which affects metrics, Expediting is purely related to faster progression through a series of application processes. And OAT-017 Spamming is different to Expediting, since the focus of spam is to add information, and may not involve the concept of process progression.

Expediting is also known by terms such as algorithmic trading, automated stock trading, betting automation, game automation, gaming bot, gold farming, financial instrument dealing, high-frequency trading, last look trade, mining, purchase automation, ticketing automation, trading automation, virtual wealth generation bot.


The symptoms of Expediting

  • 1
    Uncharacteristically fast progress through multi-stage processes


Sectors targeted by Expediting

  • Entertainment
  • Financial
  • Government
  • Retail
  • Social Networking


Can InfiSecure prevent Expediting?

InfiSecure can protect websites from Expediting attempts. InfiSecure can block all automated ways to expedite actions on websites by bots. InfiSecure’s bot engines can accurately identify and restrict automated usage by fingerprinting the user agent for its unique characteristics and other data points to block advanced persistent bots.