Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Juniper Networks Updates Its “Hacker Deceiving” Web Security Software

Juniper Networks Updates Mykonos Web Security Software With Improved Protection, Simplified Management and Increased Scalability.

Juniper Networks Updates Mykonos Web Security Software With Improved Protection, Simplified Management and Increased Scalability.

Juniper Networks today announced enhancements to its Mykonos Web Security Software, the platform it acquired as part of its $80 million acquisition of security startup Mykonos Software in February of this year. 

The Mykonos platform uses what the company calls “Intrusion Deception Technology”, that uses deception to detect and confuse attackers and help defend against web-based threats in real-time.

Juniper NetworksJuniper says the latest release of Mykonos Web Security brings 30 new features and improvements that bolster protection against a wider range of attackers and hacking techniques, simplify configuration for security administrators, and boost scalability.

The Mykonos Web Security product uses deception to detect, confuse, slow down, and prevent attackers in real-time – helping to keep Websites safe. When attacks are identified, Mykonos Web Security, wastes attackers’ time by presenting false vulnerabilities and provides valuable intelligence to thwart future attacks.

Speaking with SecurityWeek earlier this year, David Koretz, now Vice President and General Manager of Junpiter-owned Mykonos Software, compared the solution to choose your own adventure stories read by young-adults. “For example, we will actually block the real .htaccess file, and return a fake one that look like a perfectly valid file, along with user names and encrypted passwords,” Kortez said. “It will even let [attackers] login to a fake recover password file, making the attackers think they have had success but in essence just burning up their time.”

According to the company, Mykonos Web Security now detects a wider range of attacks and hacking techniques, protects against more threats, and provides new countermeasures, including: 

• Preventing brute-force authentication attacks that rapidly guess combinations of usernames and passwords to gain access to systems. Mykonos Web Security prevents the attacker from using any compromised credentials even if an attacker happens to ‘guess’ the correct password.

• Defending against directory traversal attempts that are used to map websites to gain additional information on how to attack them.

• Integrating third-party software vulnerability protection into Mykonos Web Security, which helps prevent against known software vulnerabilities typically targeted by automated attack scripts. Mykonos Web Security now integrates a large library of known third-party attack data into its tracking, profiling, and response systems.

The new version also brings a new and improvided user interface that unifies the security console and configuration, making it easier for customers to manage systems, and offers a setup wizard to quickly self-deploy the solution.

Additionally, the new release offers improved performance clustering, now supporting throughput over 1Gb/s by enabling customers to add multiple slaves to a clustering model.

“Web-based threats have become a major concern and companies require a proactive solution with real-time prevention to augment traditional-network security defenses,” Koretz said. “We can track, profile and, most importantly, respond to an attacker before the damage is done.”

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.