Zero trust.

  if (monocle) {
    trust = "no one"

Currently in Closed Beta

Monocle is currently in a closed beta period with select enterprise customers. Please contact us if you are interested in participating.

How It works

Monocle functions similar to a captcha service. You add a small JavaScript stub to your website or application. On a user-action, such as a form submission, you get an assessment (a.k.a threat bundle) that you can interpret on your backend to take action.

Next Generation Proxy Detection.

We’ve been fighting on the front-lines against scaled bot campaigns emanating from residential proxy networks. Now, your organization can leverage our proprietary advancements in detection and mitigation.

Monocle is a passive zero-trust captcha that provides your web application with data to assess the risk of a user connection. Monocle is the only tool of its class capable of detecting residential proxies.



Monocle can detect a user session coming from a residential proxy, malware proxy, or other endpoint based proxy network. By detecting this at the session level, you can take action on abusive users without impacting legitimate ones.


Privacy and data security are paramount to Monocle. We don’t leave behind tracking cookies, local storage, or any other technology that allows users to be tracked or monetized. All of our user assessments take place at our edge servers, rather than a centralized backend.


Monocle’s assessment data is End-to-End encrypted and signed so that you can verify and interpret the results without hitting a third-party API. This reduces latency, improves security, and fits any deployment model.


Our session assessment provides only high-confidence boolean values. This makes a robust risk and access policy is as simple as an if/else statement.

Privacy First

Our assessments run on localized machine-learning models and parameters. The capability is the product, not your data.

Take Action

Don’t play “randomly adjust the threshold” with your risk profile. Monocle provides concrete booleans for you to enable or disable acceptable connections. Decide your security policy and then execute it.

  "vpn": false,
  "proxied": true,
  "anon": true,
  "ip": "", // hidden
  "ts": "2022-10-17T19:10:03Z",
  "complete": true,
  "id": "bc91df9d-0be6-49f3-aec8-114530615f06",
  "sid": "sign-up"

Why MOnocle?

Inferring user intent is not realistic. Many “real” users defeat captchas and abuse services. Many “bots” are part of normal web activity like site indexing. Monocle focuses on identifying specific network tools and tradecraft used for anonymization. Actors intentionally use these tools to avoid discovery. Monocle presents this data to your backend so you can determine risk at a session level.

Click Farms

By most automation detection standards, click farms constitute “real users.” These operations largely rely on residential proxy networks to reduce the activity coming from any one IP Address.

Account Takeover

Actors invariably need to hide their true IP Address when hijacking accounts with stolen credentials. Targeted attacks don’t require brute forcing and can similarly be done in human fashion.


Scaled automation campaigns (e.g. account creations, content-scraping, spam, fake content) all require “clean” IPs to masquerade as a legitimate user. Monocle detects these connections.

Common Tradecraft

Actors love to use the same tools. By tracking tradecraft, you can better attribute and identify campaigns from specific threat groups.

Get Started:



Get a site-token and deployment key. During our closed beta this will be assigned directly by our deployment team.

Contact Sales



Use our reference materials to add monocle to your website or application.

Front-End Docs



Interpret our assessment data on your back-end and start eliminating fraud from residential proxy networks.

Integration Docs