Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

5/31/2012
01:43 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Juniper Networks Releases New Mykonos Security Software To Stop Web Attacks

Mykonos software uses attacker's behavior against them

SUNNYVALE, Calif., May 30, 2012 – Juniper Networks (NYSE: JNPR), the industry leader in network innovation, announced major platform enhancements to its Mykonos Web Security Software, which uses ground-breaking Intrusion Deception™ Technology to defend against web-based threats in real-time. The new release of Mykonos Web Security provides 30 new features and enhancements that strengthen protection against a wider range of attackers and hacking techniques, simplify configuration for security administrators, and boost scalability to help ensure holistic protection as traffic volumes increase.

View a demo of how Mykonos Web Security works here.

Web applications and websites are under constant attack and are the most popular targets for hackers because they remain the largest unprotected threat in corporate networks. A Ponemon Institute survey found 73 percent of organizations have been hacked at least once in the past two years through insecure web applications.

The Mykonos Web Security solution uses deception to create detection points – or tar traps – to identify malicious actors in real-time as they attempt to hack their desired target. Once attackers are identified, Mykonos Web Security prevents them from compromising critical information, wastes their time by presenting false vulnerabilities and provides valuable intelligence to thwart future attacks. This active, intelligence-based approach uses Mykonos’ Intrusion Deception™ System – the only system that truly neutralizes threats as they occur – giving companies the upper hand by using attackers’ actions against them without relying on signatures or passively restricting traffic. With Mykonos Web Security, Juniper Networks is transforming the security industry and changing the ROI of hacking by making it costly, time consuming and tedious for attackers to chase after false data.

Release Highlights

· Enhanced security protections: Mykonos Web Security now detects a wider range of attackers and hacking techniques, protecting against more threats, as well as provides new countermeasures, including:

o Preventing brute-force authentication attacks that rapidly guess combinations of usernames and passwords to gain access to systems. Mykonos Web Security prevents the attacker from using any compromised credentials even if an attacker happens to ‘guess’ the correct password.

· Defending against directory traversal attempts that are used to map websites to gain additional information on how to attack them.

· Integrating third-party software vulnerability protection into Mykonos Web Security, which helps prevent against known software vulnerabilities typically targeted by automated attack scripts. Mykonos Web Security now integrates a large library of known third-party attack data into its tracking, profiling, and response systems.

· User-friendly and intuitive interface: A simplified interface unifies the security console and configuration, making it easier for customers to manage systems, as well as provides a new setup wizard tool to quickly deploy without assistance from Juniper Networks.

· Greater performance clustering: Mykonos Web Security now supports throughput greater than 1Gb/second by enabling customers to add multiple slaves to a clustering model. In effect, this allows for Mykonos Web Security to protect higher-volume web properties.

· Comprehensive approach to security: The new version of Mykonos Web Security provides a significant new layer of defense against web attacks and builds on the successful SRX and vGW platforms as a key component of Juniper’s strategy to deliver a comprehensive and automated approach for data center security.

Supporting Quotes

“Web-based threats have become a major concern and companies require a proactive solution with real-time prevention to augment traditional-network security defenses. Mykonos is the first company to detect hackers during the reconnaissance phase of an attack. We can track, profile and, most importantly, respond to an attacker before the damage is done.”

-David Koretz, vice president and general manager, Mykonos Software, a Juniper Networks Company

“Juniper’s Mykonos Web Security solution addresses the critical security issues that enterprises face today. At a time when buyers are questioning whether their investment in legacy solutions is providing adequate protection from today's threats, Juniper is providing an innovative solution.”

-Jeff Wilson, principal analyst, Infonetics Research

Additional Resources:

Mykonos Web Security Demo Videos: http://youtu.be/zyxvyGgHULg Mykonos Web Security New Features Demo Video: http://youtu.be/TUlm4ljXDCg Technical Specs of Mykonos Web Security: http://www.mykonossoftware.com/technical-specs-ambler.php

· Mykonos Web Security Data Sheet http://www.mykonossoftware.com/pdf/datasheet.pdf

· Web Application Security Statistics: http://www.mykonossoftware.com/statistics.php

Juniper Security Intelligence Center: http://www.juniper.net/us/en/security/ Juniper.Net Community: www.juniper.net/community Juniper on Twitter: https://twitter.com/Junipernetworks

· Juniper on Facebook: http://www.facebook.com/JuniperNetworks

About Juniper Networks

Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. Additional information can be found at Juniper Networks (www.juniper.net) or connect with Juniper on Twitter and Facebook.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18942
PUBLISHED: 2021-02-26
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding.
CVE-2019-18943
PUBLISHED: 2021-02-26
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.
CVE-2019-18944
PUBLISHED: 2021-02-26
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.
CVE-2019-18945
PUBLISHED: 2021-02-26
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability.
CVE-2019-18946
PUBLISHED: 2021-02-26
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.