Click here to sponsor Fudge Sunday and post jobs!

Music: Supertramp - Take the Long Way Home (1979)

This week we take a look at recent funding for DataDome, related bot management solutions, and the road ahead.

Getting Informed

In the hemisphere where I write Fudge Sunday newsletter, the Spring showers have arrived and warmer weather is on the way. Summer is coming and with it — outdoor concerts!

Many decades ago, a wall calendar was often marked with key dates for when tickets went on sale for an artist or band that was going on tour. When the big day arrived people would head to their local record store to camp out to get in line for tickets going on sale… or drop by that day for lawn seats — and shows could be sold out in a few days or a week or two.

Now, the entire ticketing experience can be done online. Tickets are an e-commerce click or two away from being printed locally, will call, or by postal mail.

However, there is a downside to such modern conveniences. Through this same modern ticketing experience and modern automation technology, it is now possible for tickets to sell out in a few minutes online to buyers (aka scalpers) that seek to profit on a secondary market for a monstrously large number of tickets never intended for personal use.

So, how are tickets selling out so fast online? In a word: Bots.

Perhaps you read recently about artists taking a different route to selling tickets. The reason why is artists are increasingly aware that the bots (for supplying secondary markets / resellers / aka scalpers) and the convenience fees are ruining the fun for their concert going fans.

Maggie Rogers Sold Tour Tickets In Person — No Ticketmaster

And brings her fans with her.

To be clear, this issue of Fudge Sunday is not going to weigh in on the merits of free markets / convenience fees / the music industry / captured venue regulations / political lobbying / online sales exclusivity / unregulated monopolies / counterfeiting / etc… but I will weigh in on anti-bot technology… and the bot technology escalations of recent years.

In fact, for any scarce items sold online from sneakers to limited edition collectibles to concerts to auction style events in general, this bot vs. anti-bot escalation is playing out as funding rounds for anti-bot startups, increasingly sophisticated bad actor automation technology, as well as the brave new world of machine learning — and eventually AI models being applied by both sides.

Why should you care if you’re feeling good? 🎶

Think back a few years and you might recall funding of companies that protect e-commerce storefronts from bots.

Techmeme: DataDome, which helps secure e-commerce marketplaces against web scraping, account takeover, and payment fraud, raises $35M Series B led by Elephant (Kyle Wiggers/VentureBeat)

By Kyle Wiggers / VentureBeat. View the full context on Techmeme.

Then a few months later the scraping (scalping?) community would respond in kind…

incolumitas.com – So you want to Scrape like the Big Boys? 🚀

What it really takes to scrape without getting detected.

Correlation? Causation? Maybe?

Frustration? Absolutely.

Olivia Rodrigo’s fans left in tears as ‘Sour’ tour sells out

Thousands of Olivia Rodrigo‘s fans are crying around the world after her debut “Sour” tour sold out in minutes only to be resold at high prices.

Then a year later, the scraping / reseller (scalping?) community would become burnished as a side hustle culture…

How to Use Sneaker Bots to Buy & Resell Shoes in 2022 | Complex

Everything you need to know about getting into sneaker bots, including how to buy and use them, learning about sneaker culture, and much more.

Then a year later, the funding arrives once more for startups that seeks to protect retailers from the bad actors that have evolved and escalated their anti-anti-bot tools…

Techmeme: NYC-based DataDome, whose service protects apps, websites, and APIs from bots, raised a $42M Series C led by InfraVia Growth, taking its total funding to $82M (Kyle Wiggers/TechCrunch)

By Kyle Wiggers / TechCrunch. View the full context on Techmeme.

Here is a short list of the players in this space: (alphabetically)

• Akamai
• Arkose Labs
• AWS
• Azure
• Cequence
• Cloudflare
• DataDome
• F5
• Fastly
• Google
• hCAPTCHA
• IBM
• Imperva (Acquired Distil Networks in 2019)
• Kasada
• Netacea
• PerimeterX (Merged with Human in 2022)
• Radware(Acquired ShieldSquare in 2019)
• Reblaze
• ThreatX

Huge list, right? Clearly, there is more than just repackaged OWASP in this list and there are distinct references to AI/ML.

So what is so interesting about DataDome? In a word: Accessibility.

In fact, as far back as 2021, DataDome made the following claims:

A digital business can activate DataDome protection in less than 1 hour

Source: DataDome

Who’s to blame if you’re not around? 🎶

In 2023, there are new realities like “bypass” guides that call out Data Dome by name and myriad references on sub reddit and deep web sites that cater to the anti-anti-bot community.

How to Bypass DataDome: Complete Guide 2023 - ZenRows

Bypass DataDome with this detailed guide. Learn how it detects bots and how to reverse engineer the DataDome antibot system.

All signs point to this back and forth continuously iterating and increasingly leveraging AI/ML infused escalation as well as proliferation. As such, it’s not shocking that analysts from Forrester Research are weighing in to educate, inform, and provide guidance.

Avoid A Bot Waterloo

Tickets to the live Eurovision performances in the UK have been bought up by bots. Read on to find out how to avoid this situtation.

So, what will be the next big thing in anti-bot solutions and anti-anti-bot technologies?

Until then… Place your bets!

Work Plug

As a reminder, after a +25 year walkabout, I’m an IBMer (again). For 2023, in “Work Plug”, I’ll share a new link each week that is educational, accessible, and relevant to platform engineering from fellow IBMers¹ in the wider IBM Community.

Stay tuned!

Disclosure

I am linking to my disclosure.