Nimbostratus
CirrocumulusToneman172,
Session and dynamic based are mitigating two different scenarios so won't necessarily compete with each other.
Session based centres on cookies with a malicious user repeatedly attempting to login with same browser session on the same client.
Dynamic is more relevant to tool based attacks which don't use cookies so won't trigger session based attacks. Here asm is looking for high threshold attacks, most like from different IPs.
Also, session will send a blocking page in a http response so is a client mitigation and not one simply blocking an IP address.
Hope this helps,
N