Session Trust Assessment.

Detect anonymized sessions and coordinated abuse for smarter real-time edge enforcement.

Monocle session intelligence enables your security and fraud teams to make smarter edge enforcement decisions that reduce fraud while minimizing friction for legitimate users.

Spur Monocle enriches every user session with real-time trust signals, including anonymization status, proxy services, residential infrastructure, and emerging attacker networks. These signals extend the intelligence available to your CDN, helping security and fraud teams better understand the traffic reaching the edge.

CDNs inspect traffic and enforce policies before requests reach applications, but modern attackers increasingly hide behind residential proxies, commercial VPNs, AI agents, and rapidly changing anonymization infrastructure. Monocle adds deep network-layer visibility, making suspicious sessions easier to identify and enabling the right policy for every request.


Benefits:

  • Stop account takeover and credential stuffing attacks before authentication completes.
  • Reduce false positives and unnecessary user challenges.
  • Extend existing CDN policies with real-time session intelligence.
  • Stay ahead of rapidly evolving attacker techniques.
  • Improve analyst confidence with explainable attributes that complement challenge-based, fingerprinting, and bot management tools.
Black and white square pattern

How Spur Enables Smarter Edge Enforcement

  • 01

    Evaluate:

    Continuously evaluates every session to determine whether the underlying network can be trusted, enriching sessions with anonymized infrastructure attributes – VPN, proxy, datacenter, services, AI, and more.

  • 02

    Explain:

    Returns an explainable, policy-ready session assessment that includes an enforcement recommendation based on attributes and context, reason behind that recommendation, and a unique decision identifier for consistent governance.

  • 03

    Enforce:

    Integrates with Cloudflare and other CDNs for seamless edge enforcement, complementing existing security stacks with the missing layer of network-layer and infrastructure intelligence.

Why Teams Choose Spur Session Trust Assessment

Detects anonymization, residential proxies, automation, and AI infrastructure in every session, reducing the risk of account takeovers, scraping, and credential abuse.

Gain Deep, Actionable Insights into User Behavior

Monocle session assessments deliver insights that can accelerate your perimeter defense and fraud prevention initiatives against growing anonymization threats.

  • Spur Monocle Explorer
    01

    Explorer

Customer Success

Trusted by Teams Who Need to See What’s Real.

  • Social Media Platform:

    Stopped account farming by correlating residential proxy detection with session behavior.

    Read Case StudyArrow Right
  • Online Retailer:

    Detected coordinated scalping by correlating anonymized sessions during major product releases.

    Read Case StudyArrow Right
  • Gaming Company:

    Exposed proxy-backed abuse by enriching sessions with infrastructure and provider attribution.

    Read Case StudyArrow Right

Identify VPN services used in authentication and fraud workflows.


[Learn MoreArrow Right]

Detect automation and abuse hidden behind residential IPs.

[Learn MoreArrow Right]

Map connections with verified geographic accuracy.

[Learn MoreArrow Right]

Detect agentic activity and automation.

[Learn MoreArrow Right]

Review Spur’s 20+ enrichment attributes for transparency and precision.

[Learn MoreArrow Right]

FAQs About Spur Session Trust Assessment

Monocle deploys seamlessly in minutes via a Cloudflare Worker or other CDN. Another option is a lightweight JavaScript snippet that integrates into any web framework.

No. Monocle performs all analysis without storing user identifiers or session cookies.

Over 20 attributes combining IP enrichment (geo, ASN, proxy/VPN type) and behavioral telemetry.

All processing occurs at the edge; encrypted results are sent to your web server for controlled evaluation.

Monocle uses a Policy API to enable blocking decisions in real-time via your edge enforcement platform. For example, custom, granular rules enable you to block all anonymous users; connections that come from VPNs, proxies, datacenters, or RDP; when there is a mismatch in IP information; assessments from specific countries, and more.

With this level of granularity, security teams can flexibly apply user friction policies based on ground truth data at their existing edge, reducing the risk of blocking legitimate user sessions.

Further Reading & Insights

See What's Happening Inside Each Session.

Detect automation, abuse, and anonymized access across user sessions with real-time, CDN-native session intelligence from Spur.

Black and neon square pattern