StackPath has sophisticated user behavior and reputation analysis rules to prevent malicious attacks on a customers site. The following is a list of the automated advanced threat detection capabilities that are available to you.
| Name | Definition |
| Anti-Spam | Challenge (CAPTCHA, JavaScript Validation) sessions when activities seem to aggressively use forms on your website to possible post spam content, generate new accounts, or more. |
| Probing and Forced Browsing | Challenge (CAPTCHA, JavaScript Validation) or block requests that seem to make brute-forced requests on random URLs to possibly discover a web application's structure and hidden directories. |
| Obfuscated Attacks and Zero-Day Mitigation | Block clients that perform multiple injections attacks. |
| Repeated Violations | Challenge (CAPTCHA) or block clients that fail to answer a previously displayed challenge. |
| Brute-Force Protection | Challenge (CAPTCHA) or block requests when there is an attempt to guess user names and passwords on web login forms. |
All five of these rules are enabled by default. To enable or disable a protection vector, simply click on the toggle switch to turn it off or on.