Bot mitigation is simply the reduction of hostile bot traffic coming into a web asset (a site, web application, API, etc.).
Strictly speaking, the term implies that a full reduction (i.e., an elimination) of the bot traffic is not occurring. And indeed, traditional methods of bot detection cannot identify all–possibly not even most–of the hostile bots in modern web traffic.
Therefore, given the seriousness of the bot threat today, something more than mere mitigation is needed. That’s why bot management is becoming more widely discussed.