Web Application Firewall Targets XSRF Attacks


The Mykonos Security Appliance adds improvements in speed, latency, redundancy, and reporting.

Mykonos Software has released an enhanced Mykonos Security Appliance, a next-generation Web application firewall (WAF) designed to protect Web sites from hackers, fraud, and theft. Unlike legacy signature-based systems, Mykonos inserts thousands of detection points into Web apps to identify attackers before they cause damage. The latest release includes a new security processor designed to eliminate cross-site request forgery (XSRF) attacks.

The Mykonos Security Appliance sits between the Web application server and the client. It inserts detection points, or "code-level honey pots," into the Web app, creating virtual landmines that detect and prevent attack attempts. Once it detects a threat, it tags the attacker with a security token that persists after the session ends and is not tied to the attacker's IP address. After the attacker is detected and tagged, the appliance uses an intelligence-gathering process called "Hacker Hoops and Hurdles" to create a profile of the person's skill and threat level. The Mykonos Security Appliance is designed to protect against attacks before they cause damage.

Key features of the latest version of Mykonos Security Appliance include:

  • New security processor designed to eliminate cross-site request forgery (XSRF) or "one-click" attacks;
  • Unique tagging of attackers with a security token to identify and block subsequent attack attempts;
  • Captcha processor to detect bots or other automated scripts;
  • Enhanced reporting management system and security monitor console;
  • SSL configuration for internal communication security and third-party authentication for access to the appliance;
  • Multiple VLAN connections; and
  • Command-line interface for power users.

The latest version also includes significant improvements in speed, latency, redundancy, and reporting.

Mykonos Security Appliance is available now. Further information can be found here.

About the Author

Leila Meyer is a technology writer based in British Columbia. She can be reached at [email protected].

Featured

  • blue AI cloud connected to circuit lines, a server stack, and a shield with a padlock icon

    Report: AI Security Controls Lag Behind Adoption of AI Cloud Services

    According to a recent report from cybersecurity firm Wiz, nearly nine out of 10 organizations are already using AI services in the cloud — but fewer than one in seven have implemented AI-specific security controls.

  • stacks of glowing digital documents with circuit patterns and data streams

    Mistral AI Intros Advanced AI-Powered OCR

    French AI startup Mistral AI has announced Mistral OCR, an advanced optical character recognition (OCR) API designed to convert printed and scanned documents into digital files with "unprecedented accuracy."

  • robot waving

    Copilot Updates Aim to Personalize AI

    Microsoft has introduced a range of updates to its Copilot platform, marking a new phase in its effort to deliver what it calls a "true AI companion" that adapts to individual users' needs, preferences and routines.

  • teenager interacts with a chatbot on a computer screen

    Character.AI Rolls Out New Parental Insights Feature Amid Safety Concerns

    Chatbot platform Character.AI has introduced a new Parental Insights feature aimed at giving parents a window into their children's activity on the platform. The feature allows users under 18 to share a weekly report of their chatbot interactions directly with a parent's e-mail address.