Today, web applications are among the largest unprotected attack surfaces, and the frequency of attack is increasing. The primary security threat for businesses has shifted from the network layer to the application layer. Malevolent attackers can easily use automated tools to identify and exploit vulnerabilities in websites with tremendous reach and scale. When they are successful, these web attacks are very costly to the target. Take Sony, for example, which last year had to shut down its PlayStation Network for twenty three days because it was compromised through web applications. According to Sony, the shutdown cost the company an estimated $171 million, but that doesn’t include other costs such as lost records, brand damage and lawsuits that followed, which some estimated to cost billions.
The fact is that companies need a proactive approach to web application security. Current solutions such as web security appliances and Web Application Firewalls (WAFs) cannot protect against zero-day web attacks. And while perimeter defenses such as firewalls and intrusion prevention systems can protect against known attacks, companies need to provide an additional layer of security beyond the traditional defenses.
I am very excited about Juniper’s announcement today. We have acquired Mykonos Software, the leading provider of intrusion deception systems that protect websites and web applications. With this acquisition, we extend our security portfolio with the only intrusion deception system that neutralizes threats as they occur.
Mykonos Software’s groundbreaking deception-based technology can actively prevent attacks and stop even the most sophisticated zero-day web attacks. By creating detection points that can identify attackers at the onset of an attack, the technology can detect and evaluate the threat level of malicious activity, and respond automatically with threat-appropriate counter measures. Mykonos provides device level tracking, beyond the IP address, which allows for attackers to be uniquely identified, monitored and/or blocked. It can catch an attack in progress, profile the attacker, learn the attacker’s behavior and sophistication, and then use that behavior to thwart future attacks.
Together with Mykonos, Juniper is transforming the security industry and changing the economics of malicious attack by causing attackers to pursue worthless false data, thus incurring cost and expending time that would otherwise be spent on other attacks. We are driving security thought leadership with disruptive technology that breaks from conventional ideas. Juniper’s strong history of technology execution combined with Mykonos Software’s accomplished team ideally positions us to deliver an end-to-end security portfolio that provides an always protected environment across devices, applications, the network and the cloud.
I am enthusiastic about the substantial opportunities that lie ahead. Stay tuned as we announce key milestones and developments of our integrated security solution.
Exploring the vision for the networking industry and the issues shaping its future.
Vice President, Business Strategy and Marketing
Software Solutions Division