Sentrigo Combines Database Vulnerability Scanning With Activity Monitoring

Sentrigo's new, integrated database discovery and vulnerability assessment scanner addresses corporate security and compliance requirements for locating important data across the enterprise and uncovering and remediating issues that could lead to compromise and data breach. Inclusion of the new Hedgehog DBscanner is the major enhancement in Hedgehog Enterprise 4.0, Sentrigo's flagship database activity monitoring and intrusion prevention suite. DBscanner, which is also available as a stand-alone product, discovers databases across the enterprise network and identifies tables containing sensitive information, such as credit card numbers and personally identifiable information (PII).

Organizations are challenged because they often don't know how many databases they have and how data moves among them, said Carl Olofson, IDC research vice president, Database Management and Data Integration Software Research. "When dealing with governance rules that require that certain classes of data be handled in a consistent way, no matter where it is, it's pretty hard to enforce those rules if you don't know all the places where the data is," he said.

This issue can be exacerbated in virtualized environments, in which VMs can move and be brought on and offline dynamically, and by the growing use of cloud-based data hosting. Because the Hedgehog suite is software-based, it installs local "sensors" with each database instance. This capability is drawing interest from companies virtualizing data centers and/or investing in Infrastructure-as-a-Service (IaaS) to move data securely to the cloud, said Andy Feit, Sentrigo VP of marketing. "We've embedded DBscanner to create enterprise-class vulnerability assessment for databases with features, such as role-based access control, that make it useful for large networks and companies that need to stay in compliance and monitor vulnerabilities over a  period of time," said Sentrigo's Feit.

"There's a lot of interest in virtualized database deployment, which this could be adapted to," said Olofson. "You might see this in cloud-based deployments, in which the database server can be moved around. Workloads move, IP addresses change dynamically."

The scanner checks for issues such as password vulnerabilities, including shared passwords and accounts/password strength and embedded passwords within applications. It discovers and reports vulnerabilities, such as SQL injection and buffer overflow, as well as database version and patch level. It provides scripts and recommendation to correct many of the issues it identifies. The integrated scanning capability should help Sentrigo competitively against the handful of companies in the database activity monitoring market. Imperva and Guardium (now owned by IBM) already have integrated scanners, and Application Security's AppDetective was among the early database scanning products. Safety-Lab and Next Generation Security Software are among the companies that also market database scanners. Hedgehog supports Oracle, Microsoft SQL Server, IBM DB2 and MySQL. The new release also features support for McAfee's ePO management platform.