Child Entrepreneur David Koretz, Now CEO Of Mykonos Software (Part 6)

Posted on Wednesday, Jul 27th 2011

Sramana Mitra: What is the story behind Mykonos? 

David Koretz: We started seeing a problem inside BlueTie. It was a huge issue; hackers were trying to break into our databases for a number of reasons. Some were trying to steal credit cards and others wanted to use us as a spam engine. The net effect is that we were constantly being attacked. We went out and looked at the tools in the market to identify how we were being attacked, and every single tool fell into the same category of being theoretically un-valuable.

The tools were called Web app firewalls, folks like Citrix and Barracuda. They are all based on an open source product called ModSecurity and they all work the same way. They work just like antivirus works. They rely on attack signatures, and then they wait for those types of attacks and block them. There are two problems with that thinking. First, it does not work because there are an infinite number of attack vectors but there are a finite amount of attack signatures. The second problem is that it is only good for attacks you know about.

On the Web, the attacks are much faster. I can do an SQL injection and have a million credit card records the same day. Knowing about that four days later is worthless. The security model that has been around for the past decade is a castle-and-moat model; keep people from getting in. Computer network defense companies keep trying to make the moat better, but I think that approach is fundamentally flawed. If you believe that you have a browser with potential vulnerabilities, there is a range of attack vectors that approaches infinity.

We started solving the problem with a very different approach. We don’t want to keep them on the perimeter; rather, we want to change the fundamental economics of the hack. We started looking at deception as a core strategy. Instead of trying to keep the hacker out, we add hundreds of fake vulnerabilities. As the hacker starts to look for holes they are going to trip over a number of vulnerabilities. We might even make more work for them.

We will return fake .htaccess files that point to fake password files. If they take the six or seven hours it takes to break the encryption on the password files, we will even let them login to a fake config.int file. The problem for them is that it is all fictitious. It has all been generated on the fly by a Mykonos server and is specifically intended to waste their time while at the same time demonstrating to us just how sophisticated they are.

Our approach breaks automated scanning tools. You are now in a world where you have to manually hack. You are now in our game where you are trying to filter through a huge number of vulnerabilities. We have dramatically increased the cost of hacking.

Sramana Mitra: Who came up with this? 

David Koretz: A team of us inside of BlueTie. We spun that concept off as a different company.

Sramana Mitra: When did you spin it off? 

David Koretz: We did that in December 2009. I knew nothing about security, but I took it to the RSA conference and told them that this is what we had. Two days after, Gartner named us one of the 2010 Cool Vendors of the Year. We put it into beta and people told us that not only did it work, but it was showing them things that they had never seen before. Bertelsmann put us in front of their site and found out that 11% of all traffic that had been flowing through their site was malicious. We identified 300 attacks against their site the first day.


This segment is part 6 in the series: Child Entrepreneur David Koretz, Now CEO Of Mykonos Software