- What does Cisco have against Quebec?
- Attrition.org nails another nitwit
- Diary of a deliberately spammed housewife
- Seven cloud-computing security risks
- 20 great Windows open source projects
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Application Security Inc. is expected to announce a new version of its database-focused intrusion detection and security auditing software at the RSA Conference, which gets under way Feb. 13 in San Francisco.
AppRadar 3.0 combines database security features with monitoring tools that keep tabs on traffic heading to and from enterprise data stores. It's designed to detect application-level security exploits such as SQL injection, as well as system misuse such as a legitimate user inappropriately accessing financial data.
A string of high-profile data thefts has heightened awareness of the need to secure databases and applications directly, says Ted Julian, vice president of strategy for Application Security. Attackers have become more sophisticated and organized about infiltrating enterprise systems, he says. "The most direct things to monetize are Social Security numbers, credit card numbers and that sort of thing. Where can you get those en masse, up to date and highly available? The database," Julian says.
Regulatory and privacy trends, too, are driving interest in database-level auditing and intrusion detection. New to AppRadar 3.0 are compliance templates that bundle preconfigured policies and reporting options written around regulations such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act, and the Payment Card Industry security standard.
Also new to AppRadar 3.0 is the option to more granularly define which events to monitor and what data to capture as part of the process. For example, a retailer might want to be alerted to unusual attempts to capture credit-card information from a database, but not want the credit card data in question to be stored inside AppRadar.
Typically, flagging an event means creating a record inside the monitoring system. AppRadar 3.0 logs the suspicious event, but without storing unnecessary, sensitive data in its database -- which means users can avoid having to audit yet another repository, Julian says.
Application Security has widened its database support in AppRadar 3.0 to include IBM DB2 and Sybase databases; previous versions focused on Oracle and Microsoft SQL Server databases. New alerting options let users set "Active Response" rules to trigger predefined actions -- such as initiating a security scan -- automatically when certain events occur.
Rss FeedRss Feed
3com 5500g is really very fast! - Anonymous
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
NetScout is one of the world's premier providers of integrated network and application performance solutions.
www.netscout.com
Know First
Get Proactive — Move from Troubleshooting to Monitoring to Management with nGenius K2's Service Dashboard & Intelligent Early Warning Alarms
Watch the Video
Know Where
Get Rapid Performance Problem Isolation with nGenius Performance Manager and Diagnose Problems up to 70% Faster!
Learn More
Know Why
Get the Details to Validate and Solve your Toughest Performance Issues with nGenius InfiniStream and Sniffer Intelligence Modules
Read the Whitepaper
Comment