Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

5/31/2012
01:43 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Juniper Networks Releases New Mykonos Security Software To Stop Web Attacks

Mykonos software uses attacker's behavior against them

SUNNYVALE, Calif., May 30, 2012 – Juniper Networks (NYSE: JNPR), the industry leader in network innovation, announced major platform enhancements to its Mykonos Web Security Software, which uses ground-breaking Intrusion Deception™ Technology to defend against web-based threats in real-time. The new release of Mykonos Web Security provides 30 new features and enhancements that strengthen protection against a wider range of attackers and hacking techniques, simplify configuration for security administrators, and boost scalability to help ensure holistic protection as traffic volumes increase.

View a demo of how Mykonos Web Security works here.

Web applications and websites are under constant attack and are the most popular targets for hackers because they remain the largest unprotected threat in corporate networks. A Ponemon Institute survey found 73 percent of organizations have been hacked at least once in the past two years through insecure web applications.

The Mykonos Web Security solution uses deception to create detection points – or tar traps – to identify malicious actors in real-time as they attempt to hack their desired target. Once attackers are identified, Mykonos Web Security prevents them from compromising critical information, wastes their time by presenting false vulnerabilities and provides valuable intelligence to thwart future attacks. This active, intelligence-based approach uses Mykonos’ Intrusion Deception™ System – the only system that truly neutralizes threats as they occur – giving companies the upper hand by using attackers’ actions against them without relying on signatures or passively restricting traffic. With Mykonos Web Security, Juniper Networks is transforming the security industry and changing the ROI of hacking by making it costly, time consuming and tedious for attackers to chase after false data.

Release Highlights

· Enhanced security protections: Mykonos Web Security now detects a wider range of attackers and hacking techniques, protecting against more threats, as well as provides new countermeasures, including:

o Preventing brute-force authentication attacks that rapidly guess combinations of usernames and passwords to gain access to systems. Mykonos Web Security prevents the attacker from using any compromised credentials even if an attacker happens to ‘guess’ the correct password.

· Defending against directory traversal attempts that are used to map websites to gain additional information on how to attack them.

· Integrating third-party software vulnerability protection into Mykonos Web Security, which helps prevent against known software vulnerabilities typically targeted by automated attack scripts. Mykonos Web Security now integrates a large library of known third-party attack data into its tracking, profiling, and response systems.

· User-friendly and intuitive interface: A simplified interface unifies the security console and configuration, making it easier for customers to manage systems, as well as provides a new setup wizard tool to quickly deploy without assistance from Juniper Networks.

· Greater performance clustering: Mykonos Web Security now supports throughput greater than 1Gb/second by enabling customers to add multiple slaves to a clustering model. In effect, this allows for Mykonos Web Security to protect higher-volume web properties.

· Comprehensive approach to security: The new version of Mykonos Web Security provides a significant new layer of defense against web attacks and builds on the successful SRX and vGW platforms as a key component of Juniper’s strategy to deliver a comprehensive and automated approach for data center security.

Supporting Quotes

“Web-based threats have become a major concern and companies require a proactive solution with real-time prevention to augment traditional-network security defenses. Mykonos is the first company to detect hackers during the reconnaissance phase of an attack. We can track, profile and, most importantly, respond to an attacker before the damage is done.”

-David Koretz, vice president and general manager, Mykonos Software, a Juniper Networks Company

“Juniper’s Mykonos Web Security solution addresses the critical security issues that enterprises face today. At a time when buyers are questioning whether their investment in legacy solutions is providing adequate protection from today's threats, Juniper is providing an innovative solution.”

-Jeff Wilson, principal analyst, Infonetics Research

Additional Resources:

Mykonos Web Security Demo Videos: http://youtu.be/zyxvyGgHULg Mykonos Web Security New Features Demo Video: http://youtu.be/TUlm4ljXDCg Technical Specs of Mykonos Web Security: http://www.mykonossoftware.com/technical-specs-ambler.php

· Mykonos Web Security Data Sheet http://www.mykonossoftware.com/pdf/datasheet.pdf

· Web Application Security Statistics: http://www.mykonossoftware.com/statistics.php

Juniper Security Intelligence Center: http://www.juniper.net/us/en/security/ Juniper.Net Community: www.juniper.net/community Juniper on Twitter: https://twitter.com/Junipernetworks

· Juniper on Facebook: http://www.facebook.com/JuniperNetworks

About Juniper Networks

Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. Additional information can be found at Juniper Networks (www.juniper.net) or connect with Juniper on Twitter and Facebook.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3272
PUBLISHED: 2021-01-27
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
CVE-2021-3317
PUBLISHED: 2021-01-26
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
CVE-2013-2512
PUBLISHED: 2021-01-26
The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.
CVE-2021-3165
PUBLISHED: 2021-01-26
SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI.
CVE-2021-1070
PUBLISHED: 2021-01-26
NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an un...