• All Articles

Why Real-Time Blocking isn't enough

By Giles

July 22, 2021

54 Why Real Time Blocking Isn't Enough

A Real-Time Blocking solution can act as a defense against any malicious ads being shown to end users. However, Real-Time Blocking solutions can mistakenly be sold as the only solution a Publisher or Ad Network will need to protect against threats. 

The logic behind Real-Time Blocking is fairly simple. All blockers have a blacklist or third-party malware database of malicious domains or script patterns. Whenever any domains or scripts match their blacklist, they block the ads automatically before they can load and display to end-users. Real-Time Blocking may seem like a convenient tool for some Ad Platforms and Publishers, especially for those who don't have a dedicated compliance team looking into malware issues, however, Real-Time Blocking protection is not the perfect fix.


Obfuscation: Obfuscation means to make something difficult to understand. Encrypting the code and stripping out potentially revealing metadata, replacing class and variable names with meaningless labels and adding unused or meaningless code to an application script. Bad actors develop new obfuscation techniques all the time, and these new obfuscated codes cannot be detected by Real-Time Blockers, slipping through the protection net to display malicious ads to end-users.

Blocker workarounds: Malware developers are highly sophisticated and their code can recognise a blocking tool’s scanning environment and real user environment. The malware has the capability to detect the presence of a known provider’s tool, making it automatically change track and workaround the blocker.

New malware: New malware is being coded constantly by cyber criminals and then introduced into the digital advertising ecosystem, so Real-Time Blockers that are based on blacklists and third-party malware databases just can’t keep up

The Solution

Many publishers nowadays are looking for malware blocking solutions to stop bad ads from being served. However, they soon discover that Real-Time Blocking does not solve all of their malware threats and malvertising problems in the long run. It may seem that Real-Time Blocking is a “one size fits all” tool, but this is not the case. It is imperative that Publishers and Ad Networks use a comprehensive, multi-staged approach that provides a much more robust framework. This will ensure that their ad supply chain is always safe for end users whenever they encounter them. 

AdSecure offers much more than just Real-Time Blocking, our range of solutions provide a complete strategy to help Publishers and Ad Networks have full protection against malvertising and non-compliant and poor quality ads. We always suggest companies to supplement a blocking solution together with other measures to reduce their digital risk, as stopping malvertising is not a simple problem to fix, therefore it shouldn’t be addressed with a simple solution. A rigorous and comprehensive monitoring solution is the key to resolving the malvertising problems in a Publisher’s or Ad Network’s ad supply chain.

Here is the ideal three stage strategy:

  • Stage 1 - Pre-flight verification: Before an ad campaign is launched it’s important to verify that everything is working as intended, the content looks the way it should, and all the links in the path are both clean from malicious activity and working properly. AdSecure performs a full analysis of the ad creatives before going live, analysing for any presence of malware and other potential threats. Our scanning ensures that there are no broken links in the chain, it performs a quality assurance check on the ad visuals, and examines how the ad will appear to users depending on their location and the device they might be viewing the ad.
  • Stage 2 - Active monitoring: Once a campaign is live, bad actors can modify the campaign. They can change the creative to a non-compliant image, deliver malware, or redirect users against their will to phishing sites designed to harvest their secure data. By setting up projects or recurring API analyses within  AdSecure’s platform, Publishers and Ad Networks can monitor ad campaigns throughout their active lifecycles and immediately be alerted in real-time when malicious activity comes into play, so that action can be taken quickly to remove the problem before it spirals out of control.
  • Stage 3 - Real-Time Blocking: The last line of defense is Real-Time Blocking and AdSecure’s Client-Side Wrapper will detect and eliminate any bad ads at page level, and can be designed to replace them with a clean ad from a safe inventory in order to keep revenues secure and keep end users safely engaged.


Having this three stage arsenal is the best way to ensure malicious activity doesn’t make it through the back door. AdSecures detection solutions are the most modern in the industry, giving the greatest protection to Publishers, Ad Networks and the end user. Taking your advertising to the next level with ad security and ad quality guaranteed.

Share this article on