Traces Akamai Bot Manager from its February 2016 debut and the December 2016 Cyberfend acquisition through Bot Manager Premier, Account Protector, Content Protector, and the v3 sensor era as it stands in 2026.
Traces how PerimeterX became part of HUMAN Security through the July 2022 merger, the White Ops lineage behind that name, and which parts of the bot-detection stack actually changed versus which were only relabelled.
Twenty-eight years of trying to tell humans from machines, traced through the original patents, papers, and announcements. Distorted text, reCAPTCHA, the checkbox, invisible scoring, signed agents.
A primary-source history of Mirai: the 62-credential telnet worm of 2016, the record 623 Gbps hit on Krebs and the terabit OVH flood, the Dyn outage, the HackForums source leak, and the three students behind it.
Traces the February 2018 memcached reflection attack that hit GitHub at 1.35 Tbps: UDP port 11211, the 51,000x amplification claim, Akamai's ten-minute mitigation, and why disabling UDP fixed it.
A single-incident deep dive into CVE-2024-3094: the multi-year social engineering of the xz maintainer, the obfuscated build-time backdoor planted into sshd, and the 500-millisecond timing anomaly that exposed it.
Traces how a browser or plugin bug turned a page visit into code execution: the redirect chain, landing-page fingerprinting, the Flash and Java exploit-kit economy of 2010-2016, and the decline as browsers and Adobe killed the attack surface.
A primary-source history of the exploit-kit era: the fingerprint-then-exploit flow, the rental economy behind Angler, Nuclear, RIG and Magnitude, the 2016 Angler takedown, and the collapse that followed Flash's death.
Traces automated web extraction from the 1993 Wanderer and JumpStation through wget, Perl LWP, the API era, Scrapy, Selenium, the headless-Chrome shift, and the AI-training wave, with the legal landmarks along the way.
Traces robots.txt from Martijn Koster's 1994 mailing-list proposal through 25 years as a de-facto standard, Google's 2019 push, RFC 9309 in 2022, and the 2024-2025 AI-crawler revolt and llms.txt debate.
Traces Cloudflare from its Project Honey Pot origins and 2010 free-CDN launch through the 2019 IPO, Workers and the edge platform, bot management and Turnstile, to the 2025 pay-per-crawl move.
How bot mitigation became an industry: the founding of Distil, Shape, PerimeterX, DataDome and Kasada, Akamai and Cloudflare moving in, the 2019-2023 consolidation wave, and where the market sits in 2026.
Traces HTTP from Berners-Lee's one-line 1991 protocol through RFC 1945, the RFC 2068/2616/7230 era of HTTP/1.1, Google's SPDY, HTTP/2 (RFC 7540/9113), and HTTP/3 over QUIC (RFC 9114).
Traces the lineage of transport encryption from Netscape's SSL 2.0 through TLS 1.0-1.2 to RFC 8446, told through the attacks that forced each revision: BEAST, CRIME, POODLE, Heartbleed, FREAK, and Logjam.
Traces the user-agent string from RFC 1945 through the Mozilla token, the Mosaic-Netscape-IE spoofing spiral, and Chrome's 2020-2023 freeze and reduction into User-Agent Client Hints.
Traces the HTTP cookie from Lou Montulli's 1994 design at Netscape through RFC 2109, 2965, and 6265, the third-party tracking era, and the SameSite phase-out endgame that never quite arrived.
Traces distributed denial of service from the 1996 Panix SYN flood and the 1999 Trinoo tools through Mafiaboy, Spamhaus, Mirai, HTTP/2 Rapid Reset, and the 31.4 Tbps records of 2025.
A primary-source history of the botnet, from 1990s IRC bots and the EarthLink Spammer through Storm, Conficker, Zeus, Mirai's IoT swarm, and the residential-proxy networks that now launder scraping and fraud.
Traces the content delivery network from the flash-crowd problem and Akamai's 1998 MIT spinout, through Limelight, EdgeCast and CloudFront, to Cloudflare's free tier and the shift to programmable edge compute.
Traces DNS from the ARPANET's single HOSTS.TXT file through Mockapetris's 1983 design (RFC 882/883, then 1034/1035), BIND, DNSSEC, the 2008 Kaminsky cache-poisoning crisis, and the move to encrypted DoT and DoH.
How BGP went from a 1989 lunch sketch to the protocol every network on Earth depends on: EGP's replacement, BGP-4 and CIDR, the routing table's relentless growth, and the security retrofits that came decades too late.
Traces the proxy from CERN httpd's 1994 caching gateway through corporate forward proxies, web anonymizers, the open-proxy spam era, Tor, and today's residential and mobile proxy economy built on consumer devices.
Traces Selenium from Jason Huggins's 2004 JavaScriptTestRunner through Selenium RC's proxy hack, the 2009 WebDriver merger, and WebDriver becoming a W3C Recommendation in 2018.
Traces Puppeteer from the April 2017 headless-Chrome announcement through its CDP foundation, the stealth-plugin arms race, the team's departure to build Playwright, and the long shadow it cast over scraping.