🧪 4. Use Cases

GKTinc is ideal for any part of an application where forms receive sensitive data or are subject to automated abuse. It can be deployed selectively, without changing the main application logic.

🧷 Practical Examples

  • ✅ Login Pages
    Prevents brute-force and credential stuffing attacks by requiring each attempt to solve a computational challenge—making large-scale attacks impractical.
    Can replace or complement reCAPTCHA, with no friction for the end user.

  • ✅ Registration or Contact Forms
    Deters spam and automated abuse with minimal overhead. Form submissions are protected without requiring extra actions from legitimate users.

  • ✅ Exposed APIs or AJAX Endpoints
    When CSRF tokens are not enough, GKTinc can add an extra layer, blocking automated use of critical endpoints.

  • ✅ Access to Administrative or Restricted Systems
    In highly critical portals, the challenge level can be adjusted according to the user's risk profile or the origin of access.
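The per-attempt computational challenge described for login pages, with the risk-adjusted difficulty described for administrative portals, can be illustrated with a generic hashcash-style scheme. This is an added example, not GKTinc's code or protocol: the function names, the SHA-256 puzzle, the difficulty table and the 120-second lifetime are all assumptions.

```python
import hashlib, hmac, os, time

SERVER_KEY = os.urandom(32)                          # constructed per-process secret
BITS_BY_RISK = {"low": 8, "medium": 12, "high": 16}  # hypothetical risk policy
_spent = set()                                       # nonces already redeemed

def issue_challenge(risk, now=None):
    """Server: signed, expiring challenge whose difficulty follows the risk level."""
    now = time.time() if now is None else now
    body = f"{os.urandom(16).hex()}:{BITS_BY_RISK[risk]}:{int(now) + 120}"
    tag = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}:{tag}"

def _zero_bits(challenge, counter):
    """Leading zero bits of SHA-256(challenge|counter)."""
    digest = hashlib.sha256(f"{challenge}|{counter}".encode()).digest()
    return 256 - int.from_bytes(digest, "big").bit_length()

def solve(challenge):
    """Client: search for a counter; expected cost doubles with every extra bit."""
    bits = int(challenge.split(":")[1])
    counter = 0
    while _zero_bits(challenge, counter) < bits:
        counter += 1
    return counter

def verify(challenge, counter, now=None):
    """Server: one hash to check the work, plus signature, expiry and replay checks."""
    now = time.time() if now is None else now
    try:
        nonce, bits, expires, tag = challenge.split(":")
        bits, expires = int(bits), int(expires)
    except ValueError:
        return False                                 # malformed challenge
    body = f"{nonce}:{bits}:{expires}"
    good = hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(good.encode(), tag.encode()):
        return False                                 # forged or lowered difficulty
    if now > expires or nonce in _spent:
        return False                                 # stale or replayed solution
    if _zero_bits(challenge, counter) < bits:
        return False                                 # work not done
    _spent.add(nonce)                                # single use per form attempt
    return True
```

The asymmetry is the point: verification costs the server one hash, while each attempt costs the client about 2^bits hashes, so a single legitimate submission is barely affected and a high-volume guessing run is not.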

⚠️ When Not to Use

  • Browsers without JavaScript or environments with very limited clients (e.g., legitimate automations without a browser).
  • Forms that already have an interactive step by design (such as OTP or MFA), where GKTinc would not add value.

📊 Monitoring

All challenge submission events can be viewed in real time on the GuardianKey dashboard:

Web Application Protection → Dissuasion