Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Database security software to be updated

By Ann Bednarz , NetworkWorld.com , 02/02/2006

Application Security Inc. is expected to announce a new version of its database-focused intrusion detection and security auditing software at the RSA Conference, which gets under way Feb. 13 in San Francisco.

AppRadar 3.0 combines database security features with monitoring tools that keep tabs on traffic heading to and from enterprise data stores. It's designed to detect application-level security exploits such as SQL injection, as well as system misuse such as a legitimate user inappropriately accessing financial data.

A string of high-profile data thefts has heightened awareness of the need to secure databases and applications directly, says Ted Julian, vice president of strategy for Application Security. Attackers have become more sophisticated and organized about infiltrating enterprise systems, he says. "The most direct things to monetize are Social Security numbers, credit card numbers and that sort of thing. Where can you get those en masse, up to date and highly available? The database," Julian says.

Regulatory and privacy trends, too, are driving interest in database-level auditing and intrusion detection. New to AppRadar 3.0 are compliance templates that bundle preconfigured policies and reporting options written around regulations such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act, and the Payment Card Industry security standard.

Also new to AppRadar 3.0 is the option to more granularly define which events to monitor and what data to capture as part of the process. For example, a retailer might want to be alerted to unusual attempts to capture credit-card information from a database, but not want the credit card data in question to be stored inside AppRadar.

Typically, flagging an event means creating a record inside the monitoring system. AppRadar 3.0 logs the suspicious event, but without storing unnecessary, sensitive data in its database -- which means users can avoid having to audit yet another repository, Julian says.

Application Security has widened its database support in AppRadar 3.0 to include IBM DB2 and Sybase databases; previous versions focused on Oracle and Microsoft SQL Server databases. New alerting options let users set "Active Response" rules to trigger predefined actions -- such as initiating a security scan -- automatically when certain events occur.

Partner Content

NetScout is one of the world's premier providers of integrated network and application performance solutions.

www.netscout.com

Know First

Get Proactive — Move from Troubleshooting to Monitoring to Management with nGenius K2's Service Dashboard & Intelligent Early Warning Alarms

Watch the Video

Know Where

Get Rapid Performance Problem Isolation with nGenius Performance Manager and Diagnose Problems up to 70% Faster!

Learn More

Know Why

Get the Details to Validate and Solve your Toughest Performance Issues with nGenius InfiniStream and Sniffer Intelligence Modules

Read the Whitepaper

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Save The Date!
What They Are Saying

3com 5500g is really very fast! - Anonymous

Join the Discussion