I know that most WAFs have basic bot blocking capabilities, but dedicated bot management solutions are typically much more powerful. But I’m not sure I understand when/why you need that extra power in blocking bots.
A couple examples I’ve thought of so far:
* Ecommerce websites in industries targeted by bot buyers, such as gaming consoles
* Websites that are targeted by scrapers, such as newspapers, stock sites, Amazon, etc.
* Web-based games that people might try to win via bots
It feels to me like a minority of websites would need a bot management solution…most should be fine to use their WAF to protect login pages, etc. and just ignore the rest of the bots. But maybe I’m missing something…would love to better understand why/when bot management is needed on a website!