Original URL: http://www.theregister.co.uk/2012/02/23/juniper_mykonos/

Juniper buys Mykonos to beat off web app attacks

The art of deception

By John Leyden

Posted in Financial News, 23rd February 2012 11:13 GMT

Juniper has bought web application security firm Mykonos Software in a deal valued at around $80m (£51m) in cash.

Mykonos develops technology designed to secure websites and web applications from advanced hacker attacks. The software uses "deception-based technology' that uses honeypotting to detect and divert attacks.

The software sits in front of your apps and embeds triggers that escalate responses based on attacks, according to an explanation of the technology by Juniper's cloud security guru Christofer Hoff, who claimed the software needs minimal configuration.

Mykonos describes its technology as Intrusion Deception Systems, distinct from Web Application Firewalls (WAF), a category of security products that has earned something of a bad rep. One of the main reasons WAF tech proved tricky was because it needed to have knowledge of applications to work without disrupting existing services, creating all sorts of implementation headaches.

A blog post by Juniper, which contains more than a little marketing hyperbole, goes on to explain how Mykonos' software thwarts attacks.

By creating detection points that can identify attackers at the onset of an attack, the technology can detect and evaluate the threat level of malicious activity, and respond automatically with threat-appropriate counter measures.

Mykonos provides device level tracking, beyond the IP address, which allows for attackers to be uniquely identified, monitored and/or blocked. It can catch an attack in progress, profile the attacker, learn the attacker’s behavior and sophistication, and then use that behavior to thwart future attacks.

Juniper aims to use the technology to go on the offensive against hackers as well as making systems protected by Mykonos too much trouble and effort to crack into for profit-motivated cybercrooks. ®