2 min read
At the end of your analysis, you should have:
- A range of scores you can confidently block or challenge.
- Specific characteristics that identify traffic that you should allow.
- Identified other nuances in your traffic for further investigation.
Go to Security > Bots and examine the following traffic segments:
- Automated traffic: Bot scores of 1
- Likely automated traffic: Bots scores of 2 through 29
- Other traffic groups: Any additional large spikes in bot scores
Automated and Likely automated traffic
For automated traffic, sort through the IP addresses, ASNs, and other data points at the bottom of the page.
Look for traffic groups that should not be blocked — commonly API or mobile app traffic. Do the same for likely automated traffic.
Pay specific attention to:
- Which endpoints are being targeted.
- The top non-Mozilla user agents.
- Traffic from Outlook or Office user-agents.
- Traffic from cloud-based Secure Web Gateways (ASNs labeled with the proxy provider).
- Traffic from on-premises forward proxies.
- Whether requests come from a predictable IP address and ASN, or have a similar .
Other traffic groups
Use the slider tool to identify other traffic groups. For example, you may find that traffic from your mobile app is routinely scored at 12.