The Smartest Way to Protect Websites and Web Apps from Attacks
Feb 22, 2016
Inconvenient Statistics
[Diagram: Port 80, Network Perimeter, App Server, Database]
70% of ALL threats are at the Web application layer. (Gartner)
73% of organizations have been hacked in the past two years through insecure Web apps. (Ponemon Institute)
Hacker Threats
• Targeted Scans: Targets a specific site for any vulnerability.
• Botnet: Script loaded onto a bot network to carry out attack.
• Advanced Persistent Threat (APT): Sophisticated, targeted attack. Low and slow to avoid detection.
• Library Attacks: Script run against multiple sites seeking a specific vulnerability.
• Script Kiddie: Generic scripts and tools against one site.
Threat types: IP Scan, Scripts & Tool Exploits, Targeted Scan, Botnet, Human Hacker
The Cost of an Attack
Theft, Revenue, Reputation
Sony Stolen Records | 100M
Sony Direct Costs | $171M
• 28 day network closure
• Lost customers
• Security improvements
Sony Lawsuits | $1-2B
Ponemon Institute | Average breach costs $214 per record stolen
The Mykonos Advantage
Deception-based Security
Detect, Track, Profile, Respond
• Deception Points - detect threats without false positives.
• Track individual devices
• Understand attacker’s capabilities and intent
• Adaptive responses, including block, warn and deceive.
Detection by Deception
App Server
Client
Server Configuration
Network Perimeter
Database
Firewall
Query String Parameters
Tar Traps
Hidden Input Fields
Track Attackers Beyond the IP
• Track Software and Script Attacks: Fingerprinting. HTTP communications.
• Track Browser Attacks: Persistent Token. Capacity to persist in all browsers including various privacy control features.
• Track IP Address
Smart Profile of Attacker
• Attacker threat level
• Incident history
• Every attacker assigned a name
Mykonos Responses
Respond and Deceive
Threat types: Human Hacker, Botnet, Targeted Scan, IP Scan, Scripts & Tools Exploits
• Warn attacker
• Block user
• Force CAPTCHA
• Slow connection
• Simulate broken application
• Force log-out
All responses are available for any type of threat. Highlighted responses are most appropriate for each type of threat.
Security Administration
• SMTP alerting
• Reporting (PDF, HTML)
• CLI for exporting data into SIEM tool
• Web-based console
• Real-time
• On-demand threat information
Unified Protection Across Platforms
App Server Database
Internal
Virtualized
Cloud
Connective Tissue
Case Study & Customers
“Within 20 minutes, ….we were looking at the activity taking place on our web applications.”
“10% of our traffic was…malicious.”
Keir Asher, Senior Technical Analyst, Brown Printing
2010 Cool Vendor, Application Security
“The smartest buy of the year for any organization with an online presence.”
1st Place Winner, Security Innovators Throwdown 2010
SINET 16 Security Innovator 2011
1st Place, Information Security, Wall Street Journal Technology Innovation Awards 2011