AngelList Defeats Bad Bots with Cloudflare

Background

AngelList is the world’s largest startup community. Built with a mission to empower anyone interested in startups to find the right resources to succeed, AngelList aims to help startups raise funding, hire top talent, and launch their products to the world. AngelList’s family of companies includes AngelList Talent, AngelList Venture, and Product Hunt, which collectively managed over $1 billion in assets, supported two million candidates in their job search, and helped makers launch over 20,000 products in 2018.

Challenge

The value of any social network lies in the people who use and contribute to the platform. If the platform is instead inundated with fake accounts built using automated bots, then the core value proposition can be compromised. AngelList faced this exact challenge when an influx of bot-driven accounts began to flood the social network, threatening their revenue, user retention, and most importantly, their reputation.

In late 2018, product engineers at AngelList discovered that spambots were building fake profiles and scraping proprietary and valuable information that lives on AngelList: candidate resumes, startup and investor profiles, job listings, and more.

At first, AngelList tried solving this issue internally by building its own solution to identify fake accounts and stop malicious bot traffic. While they were successful in banning some of the bad bots, they knew a lot of malicious bots were still operating on their platform. Overall, the entire process turned out to be more time-consuming and resource-draining than they had anticipated. That’s when AngelList learned that Cloudflare had a new product specifically designed to mitigate bot attacks.

Bot Management with Cloudflare

AngelList was able to easily deploy Cloudflare’s bot management solution without the hassle of injecting JavaScript or other client-side code from their end. From day one, they have been able to quickly identify and mitigate bot traffic in real-time, with much greater accuracy.

By leveraging machine learning and behavioral analysis across the 27 million Internet properties on its network, Cloudflare’s bot management solution automatically scores every request that AngelList receives and sets thresholds to distinguish between threats and trusted sources. During the first month of its deployment, AngelList’s domains issued 39 million CAPTCHAs to over half a million IP addresses. Only 0.0033% percent of these CAPTCHAs were false positives (issued to actual customers).

Using Cloudflare’s bot protection technology, AngelList has experienced lower latency and faster performance, since the decision handling (the process of distinguishing between good and bad traffic) is supported at Cloudflare’s edge instead of the origin. Additionally, AngelList has been able to integrate bot management with the complete suite of Cloudflare’s performance and security portfolio — including Argo, DDoS mitigation, and diverse IP reputation database; thereby, strengthening their battle against malicious bots.