The Business Logic Attack Definition (BLADE) Framework is a knowledge base for security professionals. It can help them better understand the techniques used by attackers to exploit weaknesses in the business logic of web facing systems and help prevent bot attacks, which are becoming more common.
“As MITRE Corporation have demonstrated with their ATT&CK matrices, having a framework to build a shared understanding of abuse of our systems can be a great enabler for defenders. As other retailers of limited-edition high demand “hype” products have also found, the use of bots poses a significant business challenge and having a structured means to develop and share understanding within the business and with partners is welcome,” said Simon Goldsmith, team lead for Information Security Strategy and Programmes at Adidas. “I believe contributors to the BLADE framework will see significant business benefits in sharing their knowledge. It proves a commitment to collaboration in solving an important problem and we look forward to developing and further proving its value.”
The framework was created by bot detection company Netacea. It is based on input from businesses and industry influencers, as well as Netacea’s research into threat group activities and bot attack cycles.
The BLADE Framework details the six stages of a scalper bot attack: resource development, attack preparation, reconnaissance, defense bypass, attack execution, and post attack.
“The threat landscape has been shrouded in ambiguity and misinformation for too long, and bot actors have taken advantage of it to cause significant damage which costs businesses globally,” said Matthew Gracey-McMinn, head of threat research at Netacea. “Taking inspiration from the MITRE ATT&CK Framework, our ambition with BLADE is to silence the noise in the industry, provide security operation teams with a level of understanding and knowledge that has not yet been available, and empower those teams to detect and mitigate malicious bot attacks. Our goal? Help stop bots in their tracks – no matter who is doing the stopping.”