Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn how to implement advanced bot detection and blocking techniques using network fingerprinting in this DEF CON 33 conference talk. Discover Finch, a lightweight reverse proxy that makes traffic routing decisions based on TLS and HTTP fingerprints including JA3, JA4, JA4H, and HTTP/2 protocols, operating before malicious traffic reaches production servers or research honeypots. Explore how traditional IP blocklists become obsolete within minutes while fingerprint-based approaches maintain effectiveness for months. Understand the integration of a custom AI agent that monitors Finch's event stream to automatically silence routine bot activity, update security rules, and generate convincing stub responses for unhandled request paths. Master the implementation of a self-evolving, fingerprint-aware firewall system that significantly reduces bot noise while transforming passive security traps into dynamic deception mechanisms for enhanced cybersecurity defense.
