Magnus Cloud: Proactive Countermeasure against Cyber Attacks

Who could have thought that when Russ Manning created a science fiction character in 1962 named “Magnus: The Robot Fighter 4000 AD,” there would actually be a time when humankind would have to fight them. Sophisticated robot-based attacks at Layer 7 application also known as Distributed Denial of Service (DDoS) attacks are increasing rapidly. Today, the major challenge in application-layer DDoS deterrence is the ability of a bot to take on many forms while attacking networks, and the inability of standard defenses to remove these assaults. Nashville, TN-based Magnus Cloud addresses these problems by focusing on a device’s behavior in real time and applying behavioral protocol that removes bots, even the most sophisticated bots, by consuming their CPUs. “Attackers continue to marshal and train their bot armies, launching more sophisticated attacks against websites and services every day. Magnus ensures organizations win the battles and the war,” says Kurt Gutzmann, CTO, Magnus Cloud.

Magnus offers cloud-based services that prevent bots from damaging a firm’s website or mission-critical applications. According to Gutzmann, the unique aspect of Magnus’s solution is that they do not use ‘signature deduction’ or after-the-fact signature-based request filtering techniques. “The typical modus operandi requires customers to provide their SSL decryption keys and certificates to the vendor for analyzing the customer's traffic, posing a major compliance problem for many businesses such as internet banks,” explains Gutzmann. Magnus' counter measure is able to neutralize bot attacks, prevents infiltration, and consumes attackers.

Magnus protects content at the site or sub-site level, and/or specific transactions such as account logon, purchases, money transfers, and stock trades. The operation of our solution is completely undetectable by a human using a browser, which eliminates the need for irritating measures like captchas. Through the addition of a Magnus-provided client-side script to the site or forms, visitors are engaged in the protocol before gaining access to a firm’s content or transactions.

“Most bots do not execute Javascript and will fail to engage properly; they are immediately denied access. Occasionally a Javascript-capable bot will turn up, but they reveal themselves through their behavior and are incapacitated by our protocol,” adds Gutzmann.