The Web    Google
AppRadar Supports Intrusion Detection for Enterprise Databases

AppRadar Supports Intrusion Detection for Enterprise Databases
March 2, 2004

Enterprise applications security software vendor Application Security Inc. has unveiled the first version of an intrusion protection product aimed at enterprise databases.

AppRadar 1.0 has an underlying knowledge base of database-specific best practices, vulnerabilities, threats and misconfigurations. The knowledge base is updated monthly with Application Security Automatic Protection updates. The first version supports Microsoft SQL Server; future versions will support other databases.

Threats that AppRadar will detect include: buffer overflow attacks that exploit known vulnerabilities to gain privileged access; password attacks such as when an attacker attempts to log into a database using different account and password combinations; Web applications attacks in which attackers compromise a database through a front-end Web application or via SQL injection; privilege escalation, when unauthorized access to the database can be checked using rules that monitor for individuals attempting to elevate their access privileges; accessing operating systems resources; and audit and system event rules that provide easy ways to audit databases and track what has been accessed and capture changes to permissions.

"We are providing proven security methodology that has been implemented for network or host security exclusively to databases," says Ted Julian, vice president of marketing for Application Security.

AppRadar is priced at $2,000 for a single database sensor and a Web console that captures alerts from the sensor; the annual subscription service to support the product will be priced separately; the company is still working out details.

Application Security also unveiled version 4.0 of AppDetective, is vulnerability assessment product for enterprise databases. The new release adds the AppSecInc Console, a Web-based client that allows administrators to monitor and manage distributed vulnerability scans from a central location.

AppDetective supports Oracle, Microsoft SQL Server, IBM DB2, Sybase and Lotus Domino Mail applications. AppDetective is priced at $900/year on a subscription basis, with updates included.

The company also offers DbEncrypt, for encrypting data within databases at a column level if so desired.

  • 1/27: StartPage-FX Trojan Modifies IE Settings
  • Startup Unveils Web Server Assessment, Defense Toolkit
  • 9/15: Forbot-C Spreads to Remote Shares
  • 4/15: Kelvir-J an IM Worm
  • China Backs Down on WAPI Deadline
  • 11/23: BackDoor-CLK Trojan Copies Itself
  • 5/3: Kelvir-AM Worm Spreads Via IM
  • IBM Buy Helps Clients Pinpoint Identity
  • 2/11: Rbot-VT Worm Has Backdoor Ability
  • 4/8: Mytob-AB Worm Comes as Attachment
  • 4/25: Kedebe Worm Kills Security
  • Discussion on Security Camera