Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Application Security, Inc. Increases DAM Offerings

Database security and risk management vendor, Application Security Inc., has introduced updates to its product line, keeping to the company’s tradition of making database assessment and management an easily navigated and streamlined process.

Database security and risk management vendor, Application Security Inc., has introduced updates to its product line, keeping to the company’s tradition of making database assessment and management an easily navigated and streamlined process.

Database Security Products from Application Security, Inc.Earlier this month, the company released DbProtect Precision DAM, which moves the power of traditional DAM into a streamlined process monitoring based on user-defined policies and the unique characteristics of each database. AppSec’s Precision offers asset discovery, configuration and vulnerability assessment and reporting, access monitoring and reporting, and policy management aligned with the organization’s needs with or without compliance considerations.

Years ago, as DAM was taking off in the IT market, Rich Mogull at Securosis offered three tips to determine if a product is really meeting the definition of DAM, as there are plenty of vendors who can make the claim without meeting it.

“If the product does not have the option of a kernel agent, memory scanner or some equivalent way to collect all SQL activity – either on server or inside the database – the product is NOT DAM.

“If the product does not store queries – along with the response codes – for a minimum of 30 days – the product is NOT DAM; and If the product is blocking activity without understanding the FROM clause, the WHERE clause or several query and metadata specific attributes, the product is NOT DAM,” Mogull wrote.

In addition to meeting all three marks outlined by Mogull, AppSec Inc has added another layer to DbProtect with Active Response. Active Response does just what its name suggests, as it can take actions on behalf of the organization as needed.

“For years, organizations have been faced with a trade-off between risk mitigation and business continuity. One security methodology characterized by this trade-off is the “blocking” function found in most database activity monitoring offerings… As a result, typical blocking functionality can erroneously block authorized activity or create false positives, resulting in costly and unnecessary business interruption,” the company explains.

Active Response can offer blanket blocking, but that should only be the last resort. Other mitigations, such as security scanning, signature disabling, SIEM notification, database configurations designed to prevent access or lockout a specific user, trouble ticket creation, or revoking admin rights, may offer a better solution to a potential problem in the early moments of a potential attack.

There’s more however, as Active Response can offer virtual patching, which offers interim protection to known vulnerabilities while a vendor patch is tested and deployed. When the vulnerability is identified, organizations can implement a policy to block activity or take other action if an attempt is made to exploit that vulnerability.

“We have repeatedly heard from security pros and DBAs that traditional DAM blocking implementations have severe limitations and are often not deployed in production environments,” said Josh Shaul, Chief Technology Officer, AppSecInc.

“We designed Active Response to give customers the flexibility to implement a broad range of responses and apply those responses to very specific events. This precision-controlled approach ensures an active and appropriate response, while minimizing false positives and business disruption.”

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

A new report finds that barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.

Application Security

A security vulnerability identified on AliExpress, the wholesale marketplace owned by the Chinese e-commerce giant Alibaba, could have been exploited by hackers to hijack...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...