Zero trust.

  if (monocle) {
    trust = "no one"


Monocle Community Edition has recently launched for open registration. Please contact us if you are interested in enterprise versions of Monocle.

Next Gen Proxy Detection

How It works

You add a small JavaScript stub to your website or application. On a user-action, such as a form submission, you get an assessment (a.k.a threat bundle) that you can interpret on your backend to take action.

We’ve been fighting on the front-lines against residential proxy networks. Now, your organization can leverage our proprietary advancements in detection and mitigation.

Monocle is a passive zero-trust captcha that provides your web application with data to assess the risk of an individual user connection. Monocle is the only tool of its class capable of detecting residential proxies. See our FAQs.



Monocle can detect a user session coming from a residential proxy, malware proxy, or other endpoint based proxy network. By detecting this at the session level, you can take action on abusive users without impacting legitimate ones.


Privacy and data security are paramount to Monocle. We don’t leave behind tracking cookies, local storage, or any other technology that allows users to be tracked or monetized. All of our user assessments take place at our edge servers, rather than a centralized backend.


Monocle’s assessment data is End-to-End encrypted and signed so that you can verify and interpret the results without hitting a third-party API. This reduces latency, improves security, and fits any deployment model.


Our session assessment provides only high-confidence boolean values. This makes a robust risk and access policy is as simple as an if/else statement.

Privacy First

Our assessments run on localized machine-learning models and parameters. The capability is the product, not your data.

Take Action

Don’t play “randomly adjust the threshold” with your risk profile. Monocle provides concrete booleans for you to enable or disable acceptable connections. Decide your security policy and then execute it. See it live on our website.

  "vpn": false,
  "proxied": true,
  "anon": true,
  "ip": "", // hidden
  "ts": "2022-10-17T19:10:03Z",
  "complete": true,
  "id": "bc91df9d-0be6-49f3-aec8-114530615f06",
  "sid": "sign-up"

Why MOnocle?

Inferring user intent is not realistic. Many “real” users defeat captchas and abuse services. Many “bots” are part of normal web activity like site indexing. Monocle focuses on identifying specific network tools and tradecraft used for anonymization. Actors intentionally use these tools to avoid discovery. Monocle presents this data to your backend so you can determine risk at a session level.

Click Farms

By most automation detection standards, click farms constitute “real users.” These operations largely rely on residential proxy networks to reduce the activity coming from any one IP Address.

Account Takeover

Actors invariably need to hide their true IP Address when hijacking accounts with stolen credentials. Targeted attacks don’t require brute forcing and can similarly be done in human fashion.


Scaled automation campaigns (e.g. account creations, content-scraping, spam, fake content) all require “clean” IPs to masquerade as a legitimate user. Monocle detects these connections.

Common Tradecraft

Actors love to use the same tools. By tracking tradecraft, you can better attribute and identify campaigns from specific threat groups.

Get Started



Get a site-token and deployment key. During our closed beta this will be assigned directly by our deployment team.

Create a Deployment



Use our reference materials to add Monocle to your website or application using our reference implementations and libraries.

Front-End Docs



Interpret our assessment data on your back-end and start eliminating fraud from residential proxy networks.

Backend Integration Docs