Session Trust Assessment.
Detect anonymized sessions and coordinated abuse for smarter real-time edge enforcement.
Monocle session intelligence enables your security and fraud teams to make smarter edge enforcement decisions that reduce fraud while minimizing friction for legitimate users.
Spur Monocle enriches every user session with real-time trust signals, including anonymization status, proxy services, residential infrastructure, and emerging attacker networks. These signals extend the intelligence available to your CDN, helping security and fraud teams better understand the traffic reaching the edge.
CDNs inspect traffic and enforce policies before requests reach applications, but modern attackers increasingly hide behind residential proxies, commercial VPNs, AI agents, and rapidly changing anonymization infrastructure. Monocle adds deep network-layer visibility, making suspicious sessions easier to identify and enabling the right policy for every request.
Benefits:
- Stop account takeover and credential stuffing attacks before authentication completes.
- Reduce false positives and unnecessary user challenges.
- Extend existing CDN policies with real-time session intelligence.
- Stay ahead of rapidly evolving attacker techniques.
- Improve analyst confidence with explainable attributes that complement challenge-based, fingerprinting, and bot management tools.

How Spur Enables Smarter Edge Enforcement
- 01
Evaluate:
- 02
Explain:
- 03
Enforce:
Why Teams Choose Spur Session Trust Assessment
Gain Deep, Actionable Insights into User Behavior
Monocle session assessments deliver insights that can accelerate your perimeter defense and fraud prevention initiatives against growing anonymization threats.
01Explorer
Where Spur Session Trust Assessment Delivers Value
Trusted by Teams Who Need to See What’s Real.
- Read Case Study
Social Media Platform:
Stopped account farming by correlating residential proxy detection with session behavior.
- Read Case Study
Online Retailer:
Detected coordinated scalping by correlating anonymized sessions during major product releases.
- Read Case Study
Gaming Company:
Exposed proxy-backed abuse by enriching sessions with infrastructure and provider attribution.
Detect automation and abuse hidden behind residential IPs.
Map connections with verified geographic accuracy.
Detect agentic activity and automation.
Review Spur’s 20+ enrichment attributes for transparency and precision.
Real-time enrichment for authentication and fraud detection.
Full dataset for large-scale analysis or compliance workflows.
Connect Spur data directly into your security and analytics tools.
FAQs About Spur Session Trust Assessment
Monocle deploys seamlessly in minutes via a Cloudflare Worker or other CDN. Another option is a lightweight JavaScript snippet that integrates into any web framework.
No. Monocle performs all analysis without storing user identifiers or session cookies.
Over 20 attributes combining IP enrichment (geo, ASN, proxy/VPN type) and behavioral telemetry.
All processing occurs at the edge; encrypted results are sent to your web server for controlled evaluation.
Monocle uses a Policy API to enable blocking decisions in real-time via your edge enforcement platform. For example, custom, granular rules enable you to block all anonymous users; connections that come from VPNs, proxies, datacenters, or RDP; when there is a mismatch in IP information; assessments from specific countries, and more.
With this level of granularity, security teams can flexibly apply user friction policies based on ground truth data at their existing edge, reducing the risk of blocking legitimate user sessions.
See What's Happening Inside Each Session.
Detect automation, abuse, and anonymized access across user sessions with real-time, CDN-native session intelligence from Spur.















