Start-up pledges to secure Oracle databases

Start-up Sentrigo Monday took the wraps off database-monitoring and intrusion-prevention software to protect Oracle databases.

According to Rani Osnat, vice president of marketing, the company’s host-based Hedgehog software looks deep into database activity, including determining whether a hacker is trying to exploit stored procedures.

“It can monitor everything that’s happening in the database, including looking at stored procedures, which are basically small programs,” Osnat says. Hedgehog is positioned to watch what insiders, including database administrators, might be doing, he says.

Although Hedgehog supports only Oracle databases today, Sentrigo’s intent is to extend it to handle other databases in the future.

Hedgehog is used in either passive-monitoring mode -- detecting and warning security administrators about suspicious activity -- or blocking mode -- preventing such problems as SQL injection and buffer-overflow attacks through a so-called virtual-patching feature. Osnat, however, claims Hedgehog isn’t a resource hog as it only "uses up to 5% of a single CPU."

Sentrigo is making the software available today in two forms, the free Hedgehog Standard, which works as a passive monitor, and Hedgehog Enterprise, which costs $2,000 per CPU and also can be used to block attacks.

Sentrigo was founded in November 2006 by CEO Nathan Shuchami and CTO Slavik Markovich. The 25-employee company is headquartered in Kfar Saba in Israel and has a U.S. office in Woburn, Mass. The firm has received $3.5 million in venture-capital funding from Benchmark Capital.