The Smartest Way to Protect Websites and Web Apps from Attacks

Upload: axl

Post on 23-Feb-2016

DESCRIPTION

The Smartest Way to Protect Websites and Web Apps from Attacks. Who is Attacking You? “Within 20 minutes, … we were looking at the activity taking place on our Web applications.” Keir Asher, Senior Technical Analyst, Brown Printing. “10% of our traffic was…malicious.”

TRANSCRIPT

Page 2: The  Smartest Way to Protect  Websites and Web Apps from Attacks

The Smartest Way to Protect Websites and Web Apps from Attacks

Page 3: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Who is Attacking You?

“Within 20 minutes, … we were looking at the activity taking place on our Web applications.”

“10% of our traffic was…malicious.”

Keir Asher, Senior Technical Analyst, Brown Printing

Page 4: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Traditional Security Thinking

Bot Nets

Targeted Scanners

IP Scanners

Manual Hacking

• Reliance on signatures

• Static attack surface

• No understanding of attackers

• Reactive

Page 5: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Deception Provides Many Benefits

• Early detection of attackers

• Makes attack surface unreliable

• Always runs as an IPS

Page 6: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Hacker Threats

Targeted Scans

Advanced Persistent Threat (APT)

Targets a specific site for any vulnerability.

Script loaded onto a bot network to carry out attack.

Sophisticated, targeted attack (APT). Low and slow to avoid detection.

Library Attacks

Script run against multiple sites seeking a specific vulnerability.

IP Scan

Script Kiddie

Generic scripts and tools against one site.

Scripts & Tools Targeted Scan

Botnet Human Hacker

Page 7: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Landmine apps with behavioral trip wires

Track individual attackers and scripts

Real-time attacker profiling

Intelligent and deceptive response

Mykonos Security Appliance

Deception-based Security

Detect Track Profile Respond

Page 8: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Detection by Deception

App Server

Client

Server Configuration

Network Perimeter

Database

Firewall

Query String Parameters

Tar Traps

Hidden Input Fields

Page 9: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Track Attackers Beyond the IP

Track Software and Script Attacks

Fingerprinting

HTTP communications.

Track Browser Attacks

Persistent Token

Capacity to persist in all browsers including various privacy control features.

Track IP Address

Page 10: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Attacker threat level

Smart Profiling of Attackers

Incident history

Every attacker assigned a name

Page 11: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Mykonos Responses

Human Hacker

Botnet Targeted Scan

IP Scan Scripts and Tools

• Warn attacker

• Block user

• Force CAPTCHA

• Slow Connection

• Break application

• Force log-out

Deceive and Prevent

All responses are available for any type of threat. Highlighted responses are most appropriate for each type of threat.

Page 12: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Security Administration

• SMTP alerting

• Reporting (PDF, HTML)

• CLI for exporting data into SIEM tool

• Web-based console

• Real-time

• On-demand threat information

Page 13: The  Smartest Way to Protect  Websites and Web Apps from Attacks

Unified Protection Across Platforms

App Server Database

Internal

Virtualized

Cloud

Page 14: The  Smartest Way to Protect  Websites and Web Apps from Attacks

www.MykonosSoftware.com