You can implement a CAPTCHA challenge-response test for specific proxied client requests.
When CAPTCHA validation is implemented on the appliance:
Configuring CAPTCHA validation consists of creating the validator and form in the CLI and including them in policy.
ProxySG#(config)security captcha create-validator mycaptcha
Note: The CAPTCHA test is not invoked for future requests from the same client and to the same domain until the cookie expires.
For explicit proxy deployment review the following kb-article before configuring CAPTCHA Validation