Oct 20

Mykonos Software Speaking at Rochester Security Summit

Categories: Mykonos General No Comments »

Tomorrow we are speaking at the Rochester Security Summit.

The topic is Baking It In – Towards Abuse-Resistant Web Applications.

Abstract: Current solutions for securing Web applications at run-time rely heavily on signatures to identify and respond to threats. But signatures have become less effective at detecting threats over time, and aren’t sufficient to address the sophisticated abusive behavior that large, publicly exposed Web applications are subject to, including page scraping, logic abuse, malicious automation, phishing, and malware distribution.

The key shortcoming is a lack of application context – without any grounding in actual application and user behavior, signature-based solutions can’t avoid flagging many false positives. This makes the information they provide to administrators practically un-actionable.

In response, new approaches are emerging that focus on behavior, not input signatures. One key trend is to enhance the application code itself with detection points that provide more transparency into malicious user behavior. This enables administrators to prevent application abuse before bad users can establish an attack vector. In this presentation, we’ll discuss the merits and challenges of this approach. We’ll focus on specific examples, including the OWASP AppSensor project and the Mykonos Security Appliance.

Visit our table to view a live demo of how we defend an attack on a Web Application.

Oct 11

Mykonos Software in New York City at Dataconnectors Event

Categories: Mykonos General No Comments »

Mykonos Software will be exhibiting at the Dataconnectors event in New York City on Thursday Oct 14.

The event at Bridgewaters  begins at 8:00am. Come and see a live demo of the Mykonos Security Appliance which detects and responds to Web application abuse in real-time.

Tagged with:
Oct 06

Webinar: How Web Applications are Attacked

Categories: Future of Web Security, Mykonos General No Comments »

Join us for our complimentary Webinar. Register Here.

How Web Applications are Attacked: Understanding and Responding to the Five Phases of Web Application Abuse

Wednesday November 3, 2010 11am PST (2pm EST)

Web applications have created a massive attack surface for potential attackers. Because of this, the majority of attacks begin very quietly through a business Web application. This webinar outlines the problem of Web application abuse and how this abuse is used to steal data, money and resources from companies. Understanding the anatomy of an attack is key to selecting the best method of defending against widespread abuse.

Current solutions for securing Web applications rely heavily on signatures to identify and respond to threats. But signatures have become less effective at detecting threats over time, and aren.t sufficient to address the sophisticated abusive behavior that large, publicly exposed Web applications are subject to, including page scraping, logic abuse, malicious automation, phishing, and malware distribution. The key shortcoming is a lack of application context . without any grounding in actual application and user behavior, signature-based solutions can.t avoid flagging many false positives. This makes the information they provide to administrators practically un-actionable.

From this webinar, you will learn:

  • How sophisticated attackers successfully abuse Web applications
  • The five phases of a Web application attack
  • The weaknesses of signature based security
  • How companies respond today
  • A new innovative approach to Web application defense

Register Here.

Tagged with:
Oct 06

Mykonos Software at Dataconnectors in Sacramento, CA

Categories: Mykonos General No Comments »

Mykonos Software will be exhibiting at the Dataconnectors event in Sacramento on Thursday Oct 7.

The event at the Marriott Courtyard Sacramento Cal Expo begins at 8:30am. Come and see a live demo of the Mykonos Security Appliance which detects and responds to Web application abuse in real-time.

Tagged with:
preload preload preload