Database Security

 

While most companies continue to focus on perimeter security, the database remains not only the most highly prized, but also one of the most vulnerable assets within the enterprise IT environment. Databases are susceptible to both attacks by "trusted" users as well as Internet-borne threats from beyond the corporate network perimeter. Firewalls provide a false sense of security for most database administrators, much like they did for system administrators before the widespread proliferation of worm-attacks. It is clear that organizations must take a more holistic view of database security to protect themselves and their data.

One of the primary challenges in database security is patching. A January 2008 article in a leading IT publication suggests that more than 66% of Oracle databases are NOT being patched. In fact it appears that most organizations prefer not to patch enterprise databases at all. Because the core database in many companies is such a critical piece of the IT infrastructure, any interruption in service can be crippling. Even worse, not all legacy Oracle legacy systems are supported by current CPUs.

That places an even greater burden on network security devices for critical database protection. Yet traditional network intrusion prevention appliances deliver insufficient coverage/protection for the more than 400 Oracle vulnerabilities; and "SQL on the wire" can also allow hackers to bypass firewalls and other netsec appliances. In 2007 we saw the rise of mutating attacks designed to evade traditional signature/tuning netsec appliances. Bottom line: traditional perimeter security solutions designed to protect the entire network from any possible attack do not offer enough protocol-fluent, vulnerability-specific protection to protect databases from sophisticated attacks against unpatched vulnerabilities.

That's where Blue Lane comes in. Blue Lane's unique, vulnerability-centric approach protects Oracle databases from network attacks against known network-accessible Oracle vulnerabilities. When new CPUs are released, we typically deliver inline fixes within 48 hours. Our layer 7 decoding and SQL interpretation offer highly accurate protection even against the most sophisticated types of attacks. That's why our appliances meet critical SOX and PCI-DSS compliance requirements. Some of our Oracle security customers are listed here.

 
© 2008 Blue Lane Technologies Inc. All Rights Reserved.   Site Feedback    Privacy Policy    Terms    Request Info    Contact Us    Home