Web Application Firewall Targets XSRF Attacks


The Mykonos Security Appliance adds improvements in speed, latency, redundancy, and reporting.

Mykonos Software has released an enhanced Mykonos Security Appliance, a next-generation Web application firewall (WAF) designed to protect Web sites from hackers, fraud, and theft. Unlike legacy signature-based systems, Mykonos inserts thousands of detection points into Web apps to identify attackers before they cause damage. The latest release includes a new security processor designed to eliminate cross-site request forgery (XSRF) attacks.

The Mykonos Security Appliance sits between the Web application server and the client. It inserts detection points, or "code-level honey pots," into the Web app, creating virtual landmines that detect and prevent attack attempts. Once it detects a threat, it tags the attacker with a security token that persists after the session ends and is not tied to the attacker's IP address. After the attacker is detected and tagged, the appliance uses an intelligence-gathering process called "Hacker Hoops and Hurdles" to create a profile of the person's skill and threat level. The Mykonos Security Appliance is designed to protect against attacks before they cause damage.

Key features of the latest version of Mykonos Security Appliance include:

  • New security processor designed to eliminate cross-site request forgery (XSRF) or "one-click" attacks;
  • Unique tagging of attackers with a security token to identify and block subsequent attack attempts;
  • Captcha processor to detect bots or other automated scripts;
  • Enhanced reporting management system and security monitor console;
  • SSL configuration for internal communication security and third-party authentication for access to the appliance;
  • Multiple VLAN connections; and
  • Command-line interface for power users.

The latest version also includes significant improvements in speed, latency, redundancy, and reporting.

Mykonos Security Appliance is available now. Further information can be found here.

About the Author

Leila Meyer is a technology writer based in British Columbia. She can be reached at [email protected].

Featured

  • CIO with 10 arms multitasks at a cluttered desk in a university office

    CIOs, Coffee, and Chaos: A Day in the Life of Digital Leadership

    For today's higher education chief information officer, strategy collides with surprise and the pace never really slows down.

  • Three cubes of noticeably increasing sizes are arranged in a straight row on a subtle abstract background

    A Sense of Scale

    Gardner Campbell explores the notion of scale in education and shares some of his own experience "playing with scale" — scaling up and/or scaling down — in an English course at VCU.

  • teacher

    6 Policy Recommendations for Incorporating AI in the Classroom

    The Southern Regional Education Board's Commission on AI in Education has published six recommendations for states on adopting artificial intelligence in schools, colleges, and universities. The guidance marks the commission's first release since it was established last February, with more recommendations planned in the coming year.

  • glowing shield with a lock symbol at its center, surrounded by stylized outlines of books, a graduation cap, and a laptop

    Why the Education Sector Needs to Get Better at Cyber Hygiene

    Despite the wealth of publicly available information about cyber attacks and the tactics used by malicious actors, many institutions appear unprepared to protect their students, faculty, and endowments from cyber threats.