This blog post was co-authored by Rahul Mavila, Sr. Product Manager.

One of the largest healthcare providers in the U.S. protects its critical applications with Citrix’s bot management solution. At the beginning of the pandemic, the company prioritized the deployment of a chatbot to help consumers assess their risk of COVID-19 infection based on questions published by the U.S. Centers for Disease Control and Prevention (CDC). The chatbot instructs those whose answers indicate that they may be at risk for COVID-19 to call their primary care provider to discuss the need for testing.

The Challenges

An optimally functioning chatbot application enables people to get a timely assessment of their COVID-19 risk. Speed is important because chatbot response delays could cost lives. However, bad bot traffic to the healthcare provider’s websites increased with the surge in COVID-19 infections. The company urgently needed to manage the influx of bad bot traffic so that legitimate traffic from people seeking COVID-19 information was not affected. Most critically, the healthcare provider needed a solution that could detect malicious bot traffic quickly and efficiently.

The Solution

The healthcare provider required a bot management solution to protect its critical apps — including its chatbot — from automated bot attacks. While the company’s security team preferred a coarse filter to remove bad bots quickly, they also wanted to ensure that they could detect sophisticated bot attacks through behavioral analysis. By choosing Citrix Application Delivery Controller (ADC) with built-in bot management, they achieved both benefits from a single, integrated application delivery and security solution.

The Citrix bot management solution employs various detection methods to identify bots like IP reputation, device fingerprinting, and behavior-based analysis. Because bots vary in their degree of sophistication and are always evolving, Citrix employs a dedicated threat research team to continually refine the detection capabilities of its bot management solution.

The Results

The healthcare provider’s security team switched on the Citrix bot management solution quickly. They first used the IP reputation and signature-based detection features to block approximately 15,000 malicious bots per day. Then they enabled the Trap URL feature to clearly distinguish legitimate traffic from malicious bot traffic. With a few simple steps, they quickly restored a seamless application experience for their human chatbot users looking for timely information on COVID-19 to help them make critical healthcare decisions.

What’s Next

Because the threat landscape is constantly evolving and attacks are becoming more sophisticated, the healthcare provider’s next move will be enabling behavior-based bot detection capabilities like account takeover attack protection to secure login pages from password spraying or credential stuffing tactics.

Learn more about Citrix Application Delivery Controller (ADC) and our bot management capabilities.