Secerno.SQL
Database Activity Monitoring - Database Security
Protect your organisation. Protect your customers. Protect your database.
Secerno: the world's most advanced activity monitoring and database security solution. Provides the highest levels of protection against internal and external threats, optimises compliance auditing and delivers the ability to develop more secure applications.
| |
|
Overview |
Features |
Benefits |
Knowledge Centre |
|
|
 |
 |
Secerno.SQL |
 |
Secerno's proprietary powerful analysis technology, the SynoptiQT Engine, automatically fingerprints the true intent of all database interactions, so you can see with unprecedented granular analysis exactly how data is accessed.
It clusters database interactions with others of similar intent, spotlighting anomalies - such as authenticated users acting inappropriately, attackers masquerading as authenticated users, or any form of SQL injection.
Control the use of your data: policy-setting is fast and accurate and offers unprecedented flexibility with a choice of how to mitigate each type of threat; log, monitor, alert, block or substitute.
Uniquely, Secerno enforces a policy of only approved behaviour, which enables it to deliver zero false positives without the need for resource-intensive manually scripted defenses, or for externally-produced signatures. |
Secerno.SQL |
|
|
|
|
|
Database activity monitoring
(DAM)
|
|
|
Database activity blocking
|
|
|
Database activity substitution
|
|
|
Enforces data access policies
|
|
Detect/Alert/Block
|
Enforces data access policies for privileged
users
|
|
Detect/Alert/Block
|
Enforces separation of duties
|
|
|
Protects against all external
attacks
|
|
Detect/Alert/Block
|
Protects against all SQL injection
attacks
|
|
Detect/Alert/Block
|
|
Delivers zero false positives
|
|
|
No signatures or signature updates
required
|
|
|
Automatic training on all database
interactions
|
|
|
Efficient grammatical clustering of SQL requests
with similar intent
|
|
|
3 click policy setting:
- One-click to see
statement types
- One-click to
analysis of threat levels
- One-click to
suggested policy response
|
|
|
Channels to deliver deeper granularity by
controlling SQL requests by users, groups, times and locations of data
access
|
|
|
Enterprise controller for aggregated policy
management, reporting and alerting
|
|
|
|
Differential auditing
|
|
|
Secure logging
|
|
|
Comprehensive set of standard reporting templates
tailored for compliance including PCI DSS, SOX, J-SOX,
HIPAA
|
|
|
End user customisation and authoring of reports,
using Crystal
Reports
|
|
|
|
Highlighting of application inefficiencies and
security issues in applications in development, staging and live
environments
|
|
|
On-the-fly mitigation of application vulnerabilities
and defects
|
|
|
|
 |
 |
Secerno.SQL |
|
Database activity monitoring powered by the SynoptiQT Engine
- Clear and concise analysis of application-to-database interactions
- Fast to set policy (in as little as 3 clicks)
- 100% Accurate: with zero false positives
Protects against out-of-policy activity including
- Internal abuse of data
- Authorised users
- Direct access by privileged users
- External attack
Choice of how to respond to policy exceptions
- Log
- Alert in real-time and integration to external security information and event monitoring systems
Audit
- Substitute
- Block
Faster, differential, compliance auditing
- Exception reporting of only non-compliant activity
- Push-button management reporting for PCI DSS, SOX, J-SOX, HIPAA
- Unlimited granular reporting - tailored to your organisation's requirements - through Secerno.SQL's open interface with Crystal Reports
Highlighting of application inefficiencies and security issues - both live applications and those in development
|
|
 |
| |
