Prevent web application abuse

Mykonos Software announced a new release of the Mykonos Security Appliance, aimed at preventing Web application abuse.

Targeted at organizations with significant web properties such as e-commerce sites, SaaS providers, and consumer on-line services, the appliance prevents malicious automation abuse, data theft and fraudulent transactions from occurring through vulnerabilities in Web applications.

The Mykonos Security Appliance helps companies prevent their Web applications from being asked to perform tasks they were never intended to perform. The product as has three key features.

First, it helps organizations gain real-time detection of Web application introspection before the damage is done. Second, it allows companies to respond to introspections with policy-based countermeasures that are designed to discourage abuse. Third, it identifies attackers (not IP addresses, but the actual attacker) and builds a profile of their behavior so that their methods can be analyzed and future counter-measures can be tailored.

The Mykonos Security Appliance works by inserting variable and random detection points into the code as it is delivered to the browser. If an attacker abuses these code-level traps and honey-pots they identify themselves, with no chance of a false positive. The appliance identifies the person, not an IP address, and gives the attacker a name, so that future intrusion attempts can be highlighted as repeat visits and thwarted appropriately.

Early detection of an attack is important because it saves IT security department’s significant time and money because the cheapest attack is the one that is never completed and requires no response.