video1.0<iframe src="https://www.loom.com/embed/f80e552d5c5d454e82f173699c04030a" frameborder="0" width="1470" height="1102" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>11021470Loomhttps://www.loom.com11021470https://cdn.loom.com/sessions/thumbnails/f80e552d5c5d454e82f173699c04030a-19e4ca61e820c641.gif270.56Hi, I am Sam Preston, a new sales engineer at ZUPLO. I walked through a bot management use case where customers want rate limiting based on Akamai bot score or forwarded bot headers, without needing an outright deny for the whole segment. In my TypeScript demo, I set different thresholds by confidence, strict around 15 requests per minute for scores 0 to 50, 10 requests per minute for the middle segment, and 5 requests per minute for the highest 90 to 100 segment. I also used client TLS fingerprint as the rate control key instead of client IP to better handle distributed attacks. I showed test 429 responses using the Akamai bot header and a custom client TLS fingerprint header, and I asked you to reach out with questions at Sam at Sam at Zuplo.com.