What is the problem being solved?
- Automated (botnet) attacks: DDoS, Scraping, Account Takeover by Brute-Force, Data Exfiltration, others
- Other non-automated attacks that deviate from a normal user behavior model
What is the Magnus Solution?
The solution operates as an active countermeasure against attackers using a pre-access protocol based on:
- Device fingerprinting
- Proof-of-Work Challenges and Solutions (hash reversals, like Bitcoin)
- Verification and Witnessing of Solutions
Why is it an ‘active countermeasure’?
- Requestors (bots) that deviate from the normal user behavior model are supplied with very difficult proof-of-work challenges that take a long time to solve, thereby consuming the bot CPU and network communications ability (removes bot from botnet)
Is there any visible effect on normal user experience like the awful and horrid CAPTCHAs?
- No. Human users see no effect or perceptible delay in their user experience
Does Magnus need my customers’ PII or my TLS/SSL certificates and their private keys?
- No. The nonces in the protocol are random, and meaningful only in the context of the protocol itself. Magnus does not intercept or decrypt any traffic between your site and your users
What about Zero-Day attacks?
- Magnus defends against attacks in real time based on behavior happening now; prior signatures or encounters are not needed in order to apply the countermeasure
How easy is it to deploy?
- Simple. Using the Magnus API class libraries, transactions can be integrated to Magnus with 7 lines of code.
Does the solution scale up?
- Yes. It is an AWS Elastic Beanstalk with auto-scaling, tested to over 2M requests/minute with latency < 200 ms at that load
Is it reliable or highly available (H/A)?
- Yes. The Magnus service in production has had zero downtime in the past three years. Geographic failover in 90 secs from AWS us-east-1 to us-west-2 (but has never been required)