Executive Summary

Organizations face an increasing threat of automated and human-driven fraud and abuse, including account takeovers, SMS pumping, and inventory hoarding. The prevalence of automated fraud forces organizations to incur refund and chargeback losses, drains security team productivity, and erodes customer trust.

Kasada is a security platform that prevents malicious activity, including automated bots, agents, and human-driven abuse, by stopping attackers from successfully interacting with websites, applications, and APIs. By intervening before attacks, Kasada can reduce downstream impacts such as fraud losses, operational strain, and degraded customer experience.

Kasada commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying the Kasada platform.1 The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Kasada on their organizations.

200%

Return on investment (ROI)

 

$4.6M

Net present value (NPV)

 

To better understand the benefits, costs, and risks associated with this investment, Forrester interviewed four decision-makers with experience using Kasada. For the purposes of this study, Forrester aggregated the experiences of the interviewees and combined the results into a single composite organization, which is a B2C organization with 30,000 employees and $10 billion in annual revenue, a large portion of which comes from online sales.

Interviewees noted that prior to Kasada, their organizations had content delivery network (CDN) solutions with some bot mitigation capabilities in place, but they said those tools failed to catch a substantial portion of bot activity, produced high false-positive rates, and delivered limited value relative to their cost. These limitations led to overburdened security teams and frequent automated fraud incidents (e.g., credential stuffing, SMS toll fraud, using bots to hoard inventory) that reduced customer trust.

After the investment in Kasada, the interviewees’ organizations were able to detect and block a higher volume of bad bots than they previously could, leading to fraud reductions and time savings for security staff. Most of the organizations significantly reduced or fully eliminated their legacy CDN and bot management costs, creating additional savings.

“For every dollar we spend on Kasada, we’re preventing $15 to $30 in loss.”

Engineering lead, apparel

Key Findings

Quantified benefits. Three-year, risk-adjusted present value (PV) quantified benefits for the composite organization include:

  • Reduction in fraud from detecting and blocking 85% of bad bot traffic. By blocking the vast majority of automated fraud attempts, Kasada helps the composite organization reduce its annual fraud costs from where they were with its legacy CDN bot management solution. Over three years, the composite avoids a risk-adjusted $2.5 million in fraud costs with Kasada.

  • More than $1 million in annual infrastructure cost savings from blocking malicious bot traffic before it reaches applications. Kasada allows the composite to filter out malicious bot traffic, reducing the organization’s load on its CDN, application servers, and backend services while lowering its bandwidth use and compute consumption. The reduction in bot traffic leads to a risk-adjusted $2.4 million in infrastructure cost savings over three years.

  • Security team productivity lift of 40% when responding to bot attacks and managing bot detection tools. Because Kasada addresses the majority of the composite organization’s automated attack instances before manual investigation or response is required, its security and fraud teams see direct time savings when responding to bot attacks. Reduced labor required to manage bot mitigation further boosts staff productivity. Collectively, these employee time savings are worth a risk-adjusted $303,000 to the composite over three years.

  • Cost savings from retiring legacy systems. After implementing Kasada, the composite organization gradually retires its more expensive legacy bot management system. The composite begins by layering Kasada on top of its legacy tool, and as the organization becomes more comfortable with Kasada, it reduces the number of applications to which the legacy solution is assigned each year. Over three years, these cost savings are worth $1.6 million.

Unquantified benefits. Benefits that provide value for the composite organization but are not quantified for this study include:

  • Smoother customer experience from CAPTCHA-free sign-in process. Kasada removes CAPTCHAs from the composite organization’s sign-in and check-out processes. This leads to more seamless experiences, which eliminates frustration and potential cart abandonment, boosts customer satisfaction, and improves conversion rates.

  • Improved data quality from reduced bot traffic. Kasada filters out bot traffic, which provides the composite organization with cleaner, more trustworthy data across its analytics and reporting systems. With metrics such as login success rates, conversions, and user behavior patterns, the composite improves decision-making across its marketing and product teams.  

  • Time savings for customer support staff. Because the composite uses Kasada to decrease the number of account takeovers, the organization’s customer support staff spends less time handling password resets, identity verifications, and fraud remediation. This frees capacity for more complex customer issues.

  • Additional value from Kasada account support. Kasada’s account support team provides the composite organization with proactive monitoring of bot threats, regular performance reviews, and quick escalation during emerging threat events. Kasada does not charge the composite for professional services.    

Costs. Three-year, risk-adjusted PV costs for the composite organization include:

  • Kasada usage costs. The composite incurs fees from Kasada based on the volume of traffic and the number of applications protected. Over three years, these costs amount to a risk-adjusted total of $2.1 million.

  • Internal labor required for Kasada implementation. The composite dedicates a small amount of employee labor to supporting the Kasada implementation process. These internal labor costs are worth a risk-adjusted $14,000. 

  • Internal labor for ongoing management of Kasada. The composite has one employee dedicate approximately 25% of their time to managing the Kasada deployment on an ongoing basis. The cost of this labor amounts to $116,000 over three years.

The financial analysis that is based on the interviews found that a composite organization experiences benefits of $6.8 million over three years versus costs of $2.3 million, adding up to a net present value (NPV) of $4.6 million and an ROI of 200%.

Share of bad bot traffic filtered out by Kasada

85%

“Kasada is a very cost-effective solution, and [the company is] just very proficient in security. They’re very curious about how they can help us with our [bot] attacks. … They are absolutely one of the best vendors I’ve ever worked with.”

Manager of security, electronics

Key Statistics

200%

Return on investment (ROI) 

$6.8M

Benefits PV 

$4.6M

Net present value (NPV) 

<6 months

Payback 

Benefits (Three-Year)

[CHART DIV CONTAINER]
Cost savings from reduced fraud Infrastructure cost savings Security and fraud labor cost savings Legacy solution cost savings

 Capability Spotlight

Kasada Account Intelligence

The engineering lead at an apparel company reported their organization was piloting Kasada’s Account Intelligence solution. Account Intelligence extends beyond automated threat mitigation by analyzing behavior signals to identify human-driven fraud and broader account risk. The interviewee said they expect the solution to help their organization make clearer decisions about when to let users proceed, slow them down, or block them altogether, based on how risky the activity appears.

They described the value: “We can see if we have a high-trust consumer, for example if they are on the same device as before, and their behavior is the same as before. We can then use Kasada’s data feed to lower the relative consumer friction to boost conversion or make them re-MFA or reenter their password if they’re a higher-risk consumer.”

The Kasada Customer Journey

Drivers leading to the Kasada investment

Interviews

Role Industry Region Annual Revenue
CISO Travel North America $1.5 billion
Manager of security Electronics Global >$10 billion
Engineering lead Apparel Global >$10 billion
Security specialist Airline Global >$10 billion

Key Challenges

The interviewees shared that prior to implementing Kasada, their organizations had legacy CDN bot defense solutions in place. However, each interviewee noted that the incumbent tools had limitations that led to common challenges and forced a tradeoff between security effectiveness, customer experience, and operational efficiency.

  • Ineffective bot defense. Interviewees reported persistent bot-driven fraud, including credential stuffing and account takeovers, that their legacy bot solutions failed to stop despite aggressive rule tuning. As attackers evolved automated attack tactics, the legacy tools became increasingly reactive and required constant manual intervention. The CISO at a travel organization described the limitations: “We have a competing product that we have used for many years. We reached a point in Q4 of 2024 where the existing tooling wasn’t effective enough to stop some of the advanced account takeover activities that were happening. … When we would see a threat actor come through, we would work with that provider, but it could take a month for them to create rules or signatures to block these things. As soon as you make one switch, the threat actors alter their approach.”
    The security specialist at an airline said their legacy solution often failed to correctly classify malicious and benign bots, increasing the organization’s risk exposure: “With false negatives, we don’t even know if the bots are good or bad, we just know that we have a lot of traffic that our previous provider is marking as ‘clean traffic.’ Based on time pattern, user behavior, and the way they travel across endpoints, we could tell they weren’t human, but our previous provider wouldn’t block it.”

  • Excessive false positives. The interviewees noted previous tools frequently miscategorized legitimate users as bots, causing unnecessary blocks and friction for real customers while still allowing sophisticated attackers to get through. Eventually, this eroded confidence in the solutions and drove complaints from both customers and internal security teams. The engineering lead at an apparel company described the impact: “Our previous provider was not catching any of the [automated] attacks. Every time we did iterate, false positives would spike through the roof, and our consumers would be impacted.”

  • Disruptive CAPTCHA experiences. Some interviewees reported their previous applications and websites relied on CAPTCHAs, which interrupted critical login and transactions flows and led to customer frustration and abandonment. These interviewees shared that even with CAPTCHAs, their legacy tools failed to detect and meaningfully reduce automated attacks. The engineering lead at an apparel company said: “We want to operate as low-friction as humanly possible while meeting compliance and security guidelines.”

  • Stagnant legacy platforms. Interviewees cited a lack of innovation from legacy providers, noting slow feature development and limited adaptation to emerging attack techniques and fraud patterns. When new rules were introduced, attackers were often able to quickly reverse-engineer them and reexploit the environment. The engineering lead at an apparel company reported: “We dropped our legacy bot management tool because their innovation was too slow. When they did innovate, the lifetime of those new innovations before attackers would reverse-engineer and defeat them was shrinking quickly over time.”

Investment Objectives

The interviewees searched for a solution that could:

  • Accurately distinguish real users from malicious actors by reducing both false positives that block legitimate customers and false negatives that allow sophisticated attacks to get through.

  • Eliminate customer friction by removing CAPTCHAs and other disruptive challenges from login and transaction flows.

  • Provide proactive account support that identifies and warns about emerging bot and fraud threats before they impact the business.

  • Deliver stronger protection than legacy solutions at a lower cost.

“With [our legacy provider for] bot management, we had too many false positives and false negatives. With false positives, our provider would bring an incident to us, and then we [would] have to jump into action. Those were a nightmare for us.”

Security specialist, airline

Composite Organization

Based on the interviews, Forrester constructed a TEI framework, a composite company, and an ROI analysis that illustrates the areas financially affected. The composite organization is representative of the interviewees’ organizations, and it is used to present the aggregate financial analysis in the next section. The composite organization has the following characteristics:

  • Description of composite. The composite organization is a large, global enterprise with approximately $10 billion in annual revenue — much of which comes from direct-to-consumer digital channels — and 30,000 employees. It has a legacy CDN and bot management solution.

  • Deployment characteristics. Rather than deploying protection across its entire digital footprint, the composite takes a targeted approach and prioritizes Kasada for high-risk applications and customer-facing websites where automated fraud risks are most acute. Initially, the composite layers Kasada on top of its legacy bot management platform. In Year 2, the composite fully retires its legacy solutions.

 KEY ASSUMPTIONS

  • $10 billion annual revenue

  • 30,000 employees

  • Large B2C digital presence

  • Legacy bot management solution in place

Analysis Of Benefits

Quantified benefit data as applied to the composite

Total Benefits

Ref. Benefit Year 1 Year 2 Year 3 Total Present Value
Atr Cost savings from reduced fraud $960,000 $1,008,000 $1,058,400 $3,026,400 $2,500,977
Btr Infrastructure cost savings $918,000 $963,900 $1,012,095 $2,893,995 $2,391,559
Ctr Security and fraud labor cost savings $121,680 $121,680 $121,680 $365,040 $302,600
Dtr Legacy solution cost savings $382,500 $803,250 $843,413 $2,029,163 $1,645,239
  Total benefits (risk-adjusted) $2,382,180 $2,896,830 $3,035,588 $8,314,598 $6,840,375

Cost Savings From Reduced Fraud

Evidence and data. Interviewees said Kasada reduced fraud risk for their organizations by filtering out a significantly higher volume of sophisticated bot activity than their previous bot management solutions. By accurately identifying and blocking automated attacks that legacy tools failed to detect, Kasada helped lower overall fraud exposure without increasing friction for legitimate customers.  

  • Across the board, the interviewees shared that implementing Kasada dramatically decreased the bad bot traffic flowing to their applications. The security specialist at an airline compared Kasada to a previous vendor: “For one of our critical endpoints, bot traffic has dropped by over 90%. Overall, bad bot traffic has declined by around 50% on applications protected by Kasada.”
    The CISO at a travel company also said bot traffic declined significantly: “During the POC (proof of concept), Kasada pulled us aside and told us that we are dealing with some of the most talented [threat actors]. But we definitely saw a significant reduction in bots post-Kasada implementation because [bots] just weren’t being successful anymore. … We no longer have to contact our customers about their information being compromised through a bot or an account takeover.”

  • Interviewees reported that Kasada particularly was particularly effective at detecting low-volume traffic that closely mimics human behavior but is generated by sophisticated bot attacks. The CISO at a travel organization described how this was a differentiator: “Kasada has the ability to identify the really challenging stuff, whereas other providers are good at looking for more signature-based or volumetric-based bot traffic. Kasada is really, really good at the low-level, low-volume traffic that looks like human traffic but is actually bots. I haven’t seen or heard of other providers doing that as well.”

  • The interviewees shared that their organizations improved detection accuracy with Kasada, with fewer legitimate users incorrectly blocked and fewer malicious bots slipping through compared to their prior solutions. The security specialist at an airline noted: “The magical moment is when we have an incident with our legacy provider, and then we switch that traffic to Kasada. After we switch it, we usually see a huge improvement in terms of false positives. Kasada will help you do the tuning, and after that there are almost no incidents.”

The same interviewee described how Kasada helped their organization better identify false negatives: “We had one critical service protected by our legacy provider, and then we added Kasada. Kasada [was given] some time to study our traffic and found sophisticated attacks on our endpoints, and applied [additional] tuning. After the tuning, we noticed a 90% drop in traffic hitting our origin. Kasada found out 90% of traffic was bots, which our previous provider didn’t tell us about. That is how good Kasada is.”

  • Interviewees agreed that using Kasada led to a sharp drop-off in both false negatives and false positives. The manager of security at an electronics company stated: “We’ve seen a 50% reduction in false positives. Kasada overall has very low false positives, and that was a big frustration with our previous vendor as people were being challenged constantly. … We’ve seen an overall reduction in the number of attacks because attackers have found it difficult to get past Kasada in a number of ways.”

  • The interviewees praised Kasada’s threat intelligence, which they said surfaced emerging bot patterns and attack techniques early. They also shared that Kasada not only detected and blocked bots but also provided proactive guidance on emerging threats and how best to respond. The CISO at a travel company noted: “Kasada’s threat intel is top-notch. I can also call Kasada at any moment and ask what they see with our security, and they always have good help for us. It’s just what they do as a company.”

  • Interviewees explained that with improvements in detection accuracy, actionable insights from Kasada account teams, and overall reduction in bot volume, their organizations reduced the number of account takeovers. The manager of security at an electronics company stated: “We use Kasada to reduce credential stuffing, which is essentially when bad actors get lists of reused passwords and they run automated attacks across our web authentication endpoints to see what passwords match. … We have seen a 20% reduction in credential stuffing [compared to the previous provider].”

  • The engineering lead at an apparel company estimated that Kasada reduced their organization’s fraud costs by between $15 million and $30 million per year. The interviewee described how Kasada defended against specific attack types, including:  

    • Automated scraping and inventory hoarding. The interviewee stated: “We used to experience attacks with hundreds of millions of check-out attempts against product that would lock out our inventory so our real consumers couldn’t actually purchase anything. Those sorts of attacks are completely unsuccessful now. That’s a nonissue ever since we’ve had Kasada.”
    • SMS toll fraud. The interviewee described how Kasada blocks automated abuse of authentication and verification workflows: “SMS toll fraud or SMS pumping is an attack vector that we have really seen ramp up over the last few years. Just on SMS fraud alone, there’s a multimillion-dollar-a-year risk surface, that if we did not have this protection [from Kasada], we would be experiencing at scale.”
    • Promotion abuse. The interviewee said: “[Previously,] there were huge, automated, AI voice-based attacks against our consumer services to sit and tie them up until they would give discount codes, and then those discount codes were being used to purchase huge amounts of product at a discount. We then implemented Kasada, and [instances of] that went down. Kasada was hugely helpful there.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

  • Without any sort of bot management solution, the composite organization would experience $8 million in bot-driven fraud per year on applications migrated to Kasada in Year 1. These costs grow by 5% each year.

  • The composite organization’s legacy CDN and bot management tool filters out 70% of bad bot traffic.

  • Kasada detects and blocks 85% of bad bot traffic.

Risks. Cost savings from reduced fraud will vary depending on the following factors:

  • The share of bad bot traffic the organization filters out before migrating to Kasada.

  • The specific types of automated attacks the organization faces.

  • The number and types of applications protected by Kasada. 

  • The organization’s baseline fraud costs.

  • Maturity of the organization’s bot management toolset.  

Results. To account for these risks, Forrester adjusted this benefit downward by 20%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $2.5 million.

85%

Share of bad bot traffic blocked with Kasada

“Kasada’s responsiveness is so much better than [that of] not just my other [bot defense] provider, but [that of] any of my security tools. ... With Kasada, I have a product that I have complete confidence in.”

CISO, travel

“If we look at checkout submits that should be coming across versus ones that should not be allowed, we can see that 97% to 98% of checkouts were correctly mitigated and offloaded by Kasada.”

Engineering lead, apparel

Cost Savings From Reduced Fraud

Ref. Metric Source Year 1 Year 2 Year 3
A1 Baseline annual bot-driven fraud and account takeover exposure Composite $8,000,000 $8,400,000 $8,820,000
A2 Share of bad bot traffic blocked with legacy vendor Interviews 70% 70% 70%
A3 Share of bad bot traffic blocked with Kasada Interviews 85% 85% 85%
At Cost savings from reduced fraud A1*(A3-A2) $1,200,000 $1,260,000 $1,323,000
  Risk adjustment 20%      
Atr Cost savings from reduced fraud (risk-adjusted)   $960,000 $1,008,000 $1,058,400
Three-year total: $3,026,400 Three-year present value: $2,500,977

Infrastructure Cost Savings

Evidence and data. Interviewees reported that Kasada helped reduce infrastructure costs by blocking malicious traffic before it reached their organizations’ applications and back-end systems. They said that by blocking automated requests at the edge, Kasada lowered unnecessary compute consumption, reduced load on authentication, SMS, and checkout services, and minimized downstream processing triggered by bots.  

  • The CISO at a travel company shared: “We saw a reduction in [bot traffic] growth, which then prevented us from having to increase infrastructure costs. I don’t have to scale up [content delivery network or cloud compute] costs as I can reduce the bot traffic before it gets back to my servers.”

  • The engineering lead at an apparel company shared: “Our tech spend with our cloud providers has dramatically reduced due to the fact that Kasada mitigates fraud or arbitrage campaigns that require huge data scraping infrastructure. Over the last few years, that is tens of millions of dollars of additional value.”

  • The security specialist at an airline noted that Kasada led to a drop between 50% and 90% in bot traffic on the organization’s endpoints, and they said Kasada helped rightsize infrastructure spend: “When we see a 90% drop in bot traffic for a critical endpoint, we can save money on spinning up resources on that surface.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

  • Without any bot management solution, the composite organization would incur $18 million in web or API infrastructure spend in Year 1. These costs grow by 5% each year.

  • Of those costs, 40% is driven by bad bot traffic.

  • The composite’s legacy CDN and bot mitigation solution filters out 70% of bad bot traffic.

  • Kasada detects and blocks 85% of bad bot traffic.  

Risks. Infrastructure cost savings will vary depending on:

  • The organization’s baseline infrastructure costs and compute-intensity of the applications protected by Kasada.

  • The share of traffic from malicious bots. Whether the organization starts from a less-mature bot management toolset.  

  • Maturity of the organization’s bot management toolset.

Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $2.4 million.

$1M+

Avoided infrastructure costs per year

Infrastructure Cost Savings

Ref. Metric Source Year 1 Year 2 Year 3
B1 Baseline web or API infrastructure spend on applications protected by Kasada Composite $18,000,000 $18,900,000 $19,845,000
B2 Portion of infrastructure spend driven by bad bot traffic Composite 40% 40% 40%
B3 Annual infrastructure spend driven by bad bot traffic B1*B2 $7,200,000 $7,560,000 $7,938,000
B4 Share of bad bot traffic blocked with legacy vendor Interviews 70% 70% 70%
B5 Share of bad bot traffic blocked with Kasada Interviews 85% 85% 85%
Bt Infrastructure cost savings B3*(B5-B4) $1,080,000 $1,134,000 $1,190,700
  Risk adjustment 15%      
Btr Infrastructure cost savings (risk-adjusted)   $918,000 $963,900 $1,012,095
Three-year total: $2,893,995 Three-year present value: $2,391,559

Security And Fraud Labor Cost Savings

Evidence and data. Interviewees said Kasada significantly reduced the time their organizations’ security and fraud teams spend responding to automated attacks and managing bot defenses. They explained that by automatically detecting and neutralizing sophisticated automation without constant rule-tuning, Kasada offloaded management tasks and cut the need for reactive investigations during attack spikes.  

  • Interviewees reported less time is needed to investigate and remediate account takeovers and other fraud incidents because Kasada blocks credential-based attacks before accounts are compromised. The CISO at a travel company said: “We are not responding to account takeovers and having to notify customers day after day anymore… There are definitely labor savings and breach cost avoidance.”

  • The engineering lead at an apparel company said Kasada freed more bandwidth for security and fraud employees: “Before bringing Kasada in, a lot of [bots were] getting through. We have a production support team, a site reliability engineering team, and core analysts who each spend some of their day in the bot mitigation space. If we didn’t have Kasada, their workloads would easily double or triple, and that would be at a lower efficacy than what Kasada provides.”

  • Interviewees said their organizations spend less time responding to customer complaints and internal escalations caused by legitimate users being incorrectly blocked, freeing teams from repeated manual reviews. The engineering lead at an apparel company said: “With our legacy solution, there were three people who were responsible for managing it. There was a lot of overhead for the data analytics and false positives or negatives, and we’d have to meet with the provider weekly to go over the issues. Nowadays, it’s one person’s job [to manage Kasada].”
    The CISO at a travel company stated: “Kasada just works, so we don’t have to do any governance over it. … Previously, we had at least half an FTE dedicated to governance.”

  • The manager of security at an electronics company said Kasada’s ability to integrate with their organization’s existing environment led to further time savings: “[Regarding architecture,] it’s much easier to manage Kasada because we integrate it with our CDN. My team was able to almost self-serve this, which was very helpful. [The Kasada team] is also just much easier to work with as far as their [level of] expertise [over] our previous provider.”

The same interviewee estimated that the three employees dedicated to automated fraud detection at their organization experience time savings of 50%.

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

  • The composite organization has 10 security and fraud employees involved in responding to automated fraud.

  • Each security and fraud employee spends 25% of their time on bot detection and response.

  • With Kasada, these employees experience time savings of 40% when responding to bot attacks.

  • The fully burdened annual salary of a security and fraud employee is $169,000.

  • The composite has a productivity recapture rate of 80% because not all time saved is redeployed productively.

Risks. Security and fraud productivity savings will vary depending on:

  • The amount of bot-driven account takeovers and fraud instances that the organization experiences in its legacy environment.

  • The amount of FTE time dedicated to remediating bot attacks, including working with legacy bot vendors.

  • The average fully burdened annual salary for a security and fraud employee.

Results. To account for these risks, Forrester adjusted this benefit downward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $303,000.

40%

Time savings when responding to bot attacks

“We have much fewer incidents with Kasada, and there is much less manual tuning required. So, in the long term, our security and fraud team is seeing … [time savings of] around 200 hours a month.”

Security specialist, airline

“Because [the Kasada platform] works so effectively, we don’t have to contact [the Kasada team] as much as previous vendors. Compared to our previous vendor, there’s been a 50% reduction in how much time we have to spend working with the vendor.”

Manager of security, electronics

Security And Fraud Labor Cost Savings

Ref. Metric Source Year 1 Year 2 Year 3
C1 Employees involved in automated fraud detection and response Composite 10 10 10
C2 Portion of time dedicated to responding to bot attacks Composite 25% 25% 25%
C3 Time savings when responding to bot attacks Interviews 40% 40% 40%
C4 Fully burdened annual salary for a security and fraud employee Composite $169,000 $169,000 $169,000
C5 Productivity recapture TEI methodology 80% 80% 80%
Ct Security and fraud labor cost savings C1*C2*C3*C4*C5 $135,200 $135,200 $135,200
  Risk adjustment 10%      
Ctr Security and fraud labor cost savings (risk-adjusted)   $121,680 $121,680 $121,680
Three-year total: $365,040 Three-year present value: $302,600

Legacy Solution Cost Savings

Evidence and data. Interviewees shared that implementing Kasada allowed their organizations to reduce their spend with legacy bot management tools. Some interviewees reported their organization fully retired legacy costs, whereas others reported their organization was in the process of moving more applications from its legacy tools to Kasada.

  • The manager of security at an electronics company said: “We are in the process of removing our legacy solution from specific areas on our platform. Now that we have Kasada, we are letting the contract phase out. … Kasada is much more cost-effective than our previous vendor. Kasada pricing is about half of what we were paying for [the legacy solution].”

  • The engineering lead at an apparel company said Kasada is more effective and dramatically less expensive than their organization’s legacy bot management tool: “When we dropped our prior provider, the data analytics showed us that Kasada was covering everything they would cover and more, and at a lower false-positive rate and at a cheaper price.”

  • The CISO at a travel company reported that their organization’s legacy provider priced comparably to Kasada, but they said Kasada is more effective and praised the company for not charging for its professional services: “[The Kasada team] told us: ‘You shouldn’t have to be an expert. That’s our job. Let us be the experts.’ To me, that makes so much more sense. Whereas with our other provider, [I have to be an expert on] every bell and whistle and train and teach people.”

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

  • With its legacy solution, the composite organization would pay $900,000 in bot management solution costs in Year 1. These costs grow by 5% each year.

  • During the implementation process, the composite organization layers Kasada on top of its legacy bot management solution.

  • In Year 1, the composite retires 50% of its legacy costs.

  • In Year 2, the composite fully retires the legacy tool.

Risks. Legacy solution cost savings will vary depending on:

  • The specific bot management tools in the organization’s legacy suite.

  • The speed at which the organization retires its legacy costs.

Results. To account for these risks, Forrester adjusted this benefit downward by 15%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $1.6 million.

Legacy Solution Cost Savings

Ref. Metric Source Year 1 Year 2 Year 3
D1 Annual cost of legacy systems eliminated with Kasada Interviews $900,000 $945,000 $992,250
D2 Share of costs eliminated Interviews 50% 100% 100%
Dt Legacy solution cost savings D1*D2 $450,000 $945,000 $992,250
  Risk adjustment 15%      
Dtr Legacy solution cost savings (risk-adjusted)   $382,500 $803,250 $843,413
Three-year total: $2,029,163 Three-year present value: $1,645,239

Unquantified Benefits

Interviewees mentioned the following additional benefits that their organizations experienced but were not able to quantify:

  • Smoother customer experience from CAPTCHA-free sign-in process. Some interviewees shared that prior to Kasada, their organizations were dependent on CAPTCHA-based sign-in and checkout experiences. The interviewees shared that Kasada made both processes noticeably smoother, reducing friction during account access and making it easier to complete purchases without interruptions. The manager of security at an electronics organization reported: “Our user experience is a lot better now that we use Kasada because people are not being challenged by CAPTCHAs. Kasada is basically invisible, so users don’t have to solve a puzzle or select pictures of cars to sign in. It’s a huge benefit to us.”

  • Improved data quality from reduced bot traffic. The interviewees noted that because Kasada filters out bot activity, data is cleaner and more representative of actual human users. They reported greater trust in key performance metrics (e.g., authentication success rates, engagement trends, conversion performance) and said the improved data quality makes it easier for their marketing, product, and analytics teams to identify meaningful patterns and evaluate the impact of changes. The CISO at a travel company said: “It definitely improved the quality of our data. When we turned on Kasada, we had a reduction of traffic coming to the website. … What happened was the metrics for conversion started to become much cleaner because the noise [and] the unnecessary traffic just started to go away. It’s really helped us understand our true conversion rates of actual people, not just website traffic.”

The engineering lead at an apparel company noted that Kasada provided better insight into customer behavior: “One of the insights that we got with Kasada’s help is determining which accounts matter and which accounts are bad accounts or negative lifetime value. That allows more efficient marketing campaigns, demand sensing, and better KPIs on conversion. If that data is muddled by bots, your business can make the wrong decision.”

  • Time savings for customer support staff. Interviewees noted a drop in the number of fraud-related incidents reaching customer support, particularly those tied to account takeover attempts. They said that with fewer compromised accounts, support teams spend less time handling password resets, identity verification cases, and remediation workflows. Additionally, reducing the number of false positives leads to fewer instances of genuine consumers contacting support teams when they are blocked from accessing their accounts. The manager of security at an electronics company reported, “We have seen a reduction in customer service tickets because every time someone’s account gets taken over and the hacker changes their password, it would result in a customer service contact.”

The CISO at a travel company stated: “The guest is happier when they don’t have to worry about their account being compromised. Previously, we would get many, many phone calls from guests saying: ‘I’m missing these [rewards] points.  What did you guys do?’”

  • Additional value from Kasada account support. Interviewees emphasized that Kasada’s account support plays an important role in maximizing the platform’s effectiveness. They cited proactive monitoring of evolving bot threats, regular reviews to assess performance and coverage, and responsive escalation when new attack patterns emerge. The engineering lead at an apparel company said: “[I appreciate the account team’s] attention to detail, their attention to urgency, and their transparency. When things do go wrong, their speed of recovering is incredibly fast.”

“Kasada has helped our brand reputation because people used to complain endlessly about the CAPTCHAs. Nobody complains anymore because they don’t feel like they’re going through a security interrogation.”

Manager of security, electronics

“We have seen a 50% reduction in bot-related support tickets per year.”

Security specialist, airline

 Interview Spotlight

Voice Of The Customer: Kasada Account Support

Interviewees said Kasada’s account support team is responsive and attentive to detail, which they said contributed to security improvements:

“They’re just great to work with. When you’re working with them, [it feels like] they actually find interest in the problems you’re having. They want to improve their product, and they know that helping us also helps their product.” — Manager of security, electronics

“Kasada has some of the best customer service I’ve ever experienced in either the bot space or the tech industry in general. It actually shocked me.” — Engineering lead, apparel

“If there is an attack or incident that we have to work around, the Kasada team is willing to help, and they are super fast. … I recommended a feature change to the Kasada folks, and they came up with an update to solve that problem. They are fast-moving and fast-evolving.” — Security specialist, airline

“Kasada’s responsiveness is so much better than not just my other [bot defense] provider, but any of my security tools. ... With Kasada, I have a product that I have complete confidence in.” — CISO, travel

Flexibility

The value of flexibility is unique to each customer. There are multiple scenarios in which a customer might implement Kasada and later realize additional uses and business opportunities, including:

  • Account-level fraud detection with Kasada’s Account Intelligence solution. The engineering lead at an apparel company reported that their company was in a POC for Kasada’s Account Intelligence solution, a fraud detection layer that links persistent device identity with account behavior to detect human-driven fraud risks (e.g., account takeover, multi-accounting, abuse) in real time. The interviewee noted that Account Intelligence can deliver a dynamic risk score for each user, which helps their organization decide which users to trust, block, or limit. They said: “[Account Intelligence] uses their machine learning model to correlate data and see if this particular session on your website has downstream risk. We’re seeing some really great lifts, even from their core bot offering.”

Flexibility would also be quantified when evaluated as part of a specific project (described in more detail in Total Economic Impact Approach).

Analysis Of Costs

Quantified cost data as applied to the composite

Total Costs

Ref. Cost Initial Year 1 Year 2 Year 3 Total Present Value
Etr Kasada subscription costs $0 $825,000 $866,250 $909,563 $2,600,813 $2,149,277
Ftr Internal labor costs for Kasada implementation $14,256 $0 $0 $0 $14,256 $14,256
Gtr Ongoing management costs $0 $46,475 $46,475 $46,475 $139,425 $115,576
  Total costs (risk-adjusted) $14,256 $871,475 $912,725 $956,038 $2,754,494 $2,279,109

Kasada Subscription Costs

Evidence and data. Interviewees shared that their organizations incur costs for the Kasada platform based on the number of requests to applications protected with Kasada. Pricing may vary. Contact Kasada for additional details.

Modeling and assumptions. Based on the interviews, Forrester assumes the composite organization pays subscription costs of $750,000 per year in Year 1, with costs growing by 5% each year.

Risks. Kasada subscription costs will vary depending on:

  • The number and types of applications protected with Kasada.

  • The number of requests for each endpoint protected with Kasada.

  • Pricing changes and contact terms.

Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $2.1 million.

Kasada Subscription Costs

Ref. Metric Source Initial Year 1 Year 2 Year 3
E1 Annual subscription costs Interviews   $750,000 $787,500 $826,875
Et Kasada subscription costs E1 $0 $750,000 $787,500 $826,875
  Risk adjustment ↑10%        
Etr Kasada subscription costs (risk-adjusted)   $0 $825,000 $866,250 $909,563
Three-year total: $2,600,813 Three-year present value: $2,149,277

Internal Labor Costs For Kasada Implementation

Evidence and data. Interviewees shared that implementing Kasada involved lightweight internal work, including adding a mobile software development kit (SDK) integration, routing traffic through Kasada, and aligning on bot policies. Interviewees added that the Kasada team handles the heavy lifting of deployment and tuning of the platform.

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

  • The composite organization dedicates a collective 160 FTE hours to supporting the Kasada implementation.

  • The fully burdened hourly wage for a security and engineering staff member involved in the implementation is $81.

Risks. Implementation costs will vary depending on:

  • Implementation delays.

  • The fully burdened hourly rate for an FTE involved in implementation and training.

Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $14,000.

Internal Labor Costs For Kasada Implementation

Ref. Metric Source Initial Year 1 Year 2 Year 3
F1 Internal security and engineering time dedicated to implementation (hours) Interviews 160      
F2 Fully burdened hourly rate for a security resource Composite $81      
Ft Internal labor costs for Kasada implementation F1*F2 $12,960 $0 $0 $0
  Risk adjustment ↑10%        
Ftr Internal labor costs for Kasada implementation (risk-adjusted)   $14,256 $0 $0 $0
Three-year total: $14,256 Three-year present value: $14,256

Ongoing Management Costs

Evidence and data. Interviewees noted their organizations dedicate some FTE time to the ongoing management of Kasada. This includes meeting with the Kasada team to discuss current threat trends and platform performance and updating the SDK.

Modeling and assumptions. Based on the interviews, Forrester assumes the following about the composite organization:

  • The composite has one security engineer in charge of managing the Kasada deployment.

  • The engineer dedicates 25% of their time to managing Kasada.

  • The fully burdened annual salary for a security engineer is $169,000.

Risks. Ongoing management costs will vary depending on:

  • Specific applications protected with Kasada.

  • The level of skill and internal effort per resource dedicated to managing Kasada.

  • The average fully burdened annual salary for a Kasada platform manager.

Results. To account for these risks, Forrester adjusted this cost upward by 10%, yielding a three-year, risk-adjusted total PV (discounted at 10%) of $116,000.

“Managing Kasada is less than 5% of one FTE’s time. The only thing [they need to] do is … request some changes or some configuration enhancements for a certain issue that pops up or certain traffic we see that looks unusual. The ongoing maintenance is really updating the SDK every once or twice a year.”

CISO, travel

Ongoing Management Costs

Ref. Metric Source Initial Year 1 Year 2 Year 3
G1 Security engineers dedicated to ongoing management of Kasada Interviews   1 1 1
G2 Share of time dedicated to ongoing Kasada management Interviews   25% 25% 25%
G3 Fully burdened annual salary for a security engineer Composite   $169,000 $169,000 $169,000
Gt Ongoing management costs G1*G2*G3 $0 $42,250 $42,250 $42,250
  Risk adjustment ↑10%        
Gtr Ongoing management costs (risk-adjusted)   $0 $46,475 $46,475 $46,475
Three-year total: $139,425 Three-year present value: $115,576

Financial Summary

Consolidated Three-Year, Risk-Adjusted Metrics

Cash Flow Chart (Risk-Adjusted)

[CHART DIV CONTAINER]
Total costs Total benefits Cumulative net benefits Initial Year 1 Year 2 Year 3

Cash Flow Analysis (Risk-Adjusted)

  Initial Year 1 Year 2 Year 3 Total Present Value
Total costs ($14,256) ($871,475) ($912,725) ($956,038) ($2,754,494) ($2,279,109)
Total benefits $0 $2,382,180 $2,896,830 $3,035,588 $8,314,598 $6,840,375
Net benefits ($14,256) $1,510,705 $1,984,105 $2,079,550 $5,560,104 $4,561,266
ROI           200%
Payback period (months)           <6 months

 Please Note

The financial results calculated in the Benefits and Costs sections can be used to determine the ROI, NPV, and payback period for the composite organization’s investment. Forrester assumes a yearly discount rate of 10% for this analysis.

These risk-adjusted ROI, NPV, and payback period values are determined by applying risk-adjustment factors to the unadjusted results in each Benefit and Cost section.

The initial investment column contains costs incurred at “time 0” or at the beginning of Year 1 that are not discounted. All other cash flows are discounted using the discount rate at the end of the year. PV calculations are calculated for each total cost and benefit estimate. NPV calculations in the summary tables are the sum of the initial investment and the discounted cash flows in each year. Sums and present value calculations of the Total Benefits, Total Costs, and Cash Flow tables may not exactly add up, as some rounding may occur.

From the information provided in the interviews, Forrester constructed a Total Economic Impact™ framework for those organizations considering an investment in the Kasada platform.

The objective of the framework is to identify the cost, benefit, flexibility, and risk factors that affect the investment decision. Forrester took a multistep approach to evaluate the impact that Kasada can have on an organization.

Due Diligence

Interviewed Kasada stakeholders and Forrester analysts to gather data relative to Kasada.

Interviews

Interviewed four decision-makers at organizations using Kasada to obtain data about costs, benefits, and risks.

Composite Organization

Designed a composite organization based on characteristics of the interviewees’ organizations.

Financial Model Framework

Constructed a financial model representative of the interviews using the TEI methodology and risk-adjusted the financial model based on issues and concerns of the interviewees.

Case Study

Employed four fundamental elements of TEI in modeling the investment impact: benefits, costs, flexibility, and risks. Given the increasing sophistication of ROI analyses related to IT investments, Forrester’s TEI methodology provides a complete picture of the total economic impact of purchase decisions. Please see Appendix A for additional information on the TEI methodology.

Total Economic Impact Approach

Benefits

Benefits represent the value the solution delivers to the business. The TEI methodology places equal weight on the measure of benefits and costs, allowing for a full examination of the solution’s effect on the entire organization.

Costs

Costs comprise all expenses necessary to deliver the proposed value, or benefits, of the solution. The methodology captures implementation and ongoing costs associated with the solution.

Flexibility

Flexibility represents the strategic value that can be obtained for some future additional investment building on top of the initial investment already made. The ability to capture that benefit has a PV that can be estimated.

Risks

Risks measure the uncertainty of benefit and cost estimates given: 1) the likelihood that estimates will meet original projections and 2) the likelihood that estimates will be tracked over time. TEI risk factors are based on “triangular distribution.”

Financial Terminology

Present value (PV)

The present or current value of (discounted) cost and benefit estimates given at an interest rate (the discount rate). The PVs of costs and benefits feed into the total NPV of cash flows.

Net present value (NPV)

The present or current value of (discounted) future net cash flows given an interest rate (the discount rate). A positive project NPV normally indicates that the investment should be made unless other projects have higher NPVs.

Return on investment (ROI)

A project’s expected return in percentage terms. ROI is calculated by dividing net benefits (benefits less costs) by costs.

Discount rate

The interest rate used in cash flow analysis to take into account the time value of money. Organizations typically use discount rates between 8% and 16%.

Payback

The breakeven point for an investment. This is the point in time at which net benefits (benefits minus costs) equal initial investment or cost.

Appendix A

Total Economic Impact

Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.

Appendix B

Endnotes

1 Total Economic Impact is a methodology developed by Forrester Research that enhances a company’s technology decision-making processes and assists solution providers in communicating their value proposition to clients. The TEI methodology helps companies demonstrate, justify, and realize the tangible value of business and technology initiatives to both senior management and other key stakeholders.

Disclosures

Readers should be aware of the following:

This study is commissioned by Kasada and delivered by Forrester Consulting.

Forrester makes no assumptions as to the potential ROI that other organizations will receive. Forrester strongly advises that readers use their own estimates within the framework provided in the study to determine the appropriateness of an investment in Kasada.

Kasada reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.

Kasada provided the customer names for the interviews but did not participate in the interviews.

Consulting Team:

Matt Dunham

Published

May 2026