Application Security Inc. is expected to announce a new version of its database-focused intrusion detection and security auditing software at the RSA Conference, which gets under way Feb. 13 in San Francisco.

AppRadar 3.0 combines database security features with monitoring tools that keep tabs on traffic heading to and from enterprise data stores. It's designed to detect application-level security exploits such as SQL injection, as well as system misuse such as a legitimate user inappropriately accessing financial data.

A string of high-profile data thefts has heightened awareness of the need to secure databases and applications directly, says Ted Julian, vice president of strategy for Application Security. Attackers have become more sophisticated and organized about infiltrating enterprise systems, he says. "The most direct things to monetize are Social Security numbers, credit card numbers and that sort of thing. Where can you get those en masse, up to date and highly available? The database," Julian says.

Regulatory and privacy trends, too, are driving interest in database-level auditing and intrusion detection. New to AppRadar 3.0 are compliance templates that bundle preconfigured policies and reporting options written around regulations such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act, and the Payment Card Industry security standard.

Also new to AppRadar 3.0 is the option to more granularly define which events to monitor and what data to capture as part of the process. For example, a retailer might want to be alerted to unusual attempts to capture credit-card information from a database, but not want the credit card data in question to be stored inside AppRadar.

Typically, flagging an event means creating a record inside the monitoring system. AppRadar 3.0 logs the suspicious event, but without storing unnecessary, sensitive data in its database -- which means users can avoid having to audit yet another repository, Julian says.

Application Security has widened its database support in AppRadar 3.0 to include IBM DB2 and Sybase databases; previous versions focused on Oracle and Microsoft SQL Server databases. New alerting options let users set "Active Response" rules to trigger predefined actions -- such as initiating a security scan -- automatically when certain events occur.