CIO Review >> Magazine >> September - 2013 issue

Trending Now: Highly Intelligent Security Devices

By Brett Helm

Friday, September 6, 2013

San Diego-based DB Networks is a provider of adaptive database firewall equipment for organizations who need to protect their data from network-based database attacks. Founded in 2009, the company has received funding of $4.5 million from Khosla Ventures.

From the beginning, malware detectors, web application firewalls and intrusion detection were based on signature patterns, regular expression matching, or black lists. Configuration and support of these approaches is extremely time consuming. Worse, determined hackers are able to conceal their attacks to defeat these first generation technologies.
This has created a need for advanced behavioral analysis. With behavioral analysis a model of proper behavior is automatically established through a machine learning process. Any activity that deviates from the established behavioral model is flagged as a likely security event. Because the behavioral model is learned automatically there is nothing to configure or maintain. Another benefit of behavioral analysis is that it provides immediate protection against zero-day threats. All zero-day attacks have behaviors dissimilar from the established model and thus are immediately identified.


Warding Off Hackers

Previously, it was thought that there is a cyber threat and a separate distinct inside threat. Insiders were far more trusted and security measures inside the perimeter were few. Hackers exploited this broken strategy by simply penetrating perimeter security measures and attacking as an insider. It is no secret that searching for "WAF Bypass" returns many thousands of "how to" websites and detailed tutorials on techniques to penetrate these perimeter devices. Often the WAF is attempting to protect against known web application vulnerabilities. Once the WAF perimeter defense is breached, the attacker is operating as an insider. I see organizations becoming far less trustful of insiders in general. They are deploying security defenses around the core systems to protect the "crown jewels", the data on their databases. This establishes a second perimeter around their core assets. A core IDS, for example, is designed to identify SQL injection intrusion attempts against your database assets.
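The learned-baseline idea from the behavioral analysis paragraph, applied to the database traffic a core IDS watches, as an added example (not code from the article or from DB Networks). It assumes the "model of proper behavior" is simply the set of SQL statement structures seen during a learning period; the statements, table names and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed learning-period traffic (illustrative, not from the article).
TRAINING = [
    "SELECT name, email FROM users WHERE id = 42",
    "SELECT name, email FROM users WHERE id = 7",
    "UPDATE users SET email = 'a@example.com' WHERE id = 42",
    "SELECT total FROM orders WHERE user_id = 42 AND status = 'open'",
]
# Constructed traffic seen after learning: two normal calls, two injected ones.
OBSERVED = [
    "SELECT name, email FROM users WHERE id = 1093",
    "UPDATE users SET email = 'o''brien@example.org' WHERE id = 5",
    "SELECT name, email FROM users WHERE id = 42 OR 1 = 1",
    "SELECT name, email FROM users WHERE id = 42 UNION SELECT login, secret FROM admins",
]

TOKEN = re.compile(r"""
    (?P<lit>'(?:[^']|'')*'|\b\d+(?:\.\d+)?\b)   # string or numeric literal
  | (?P<cmt>--[^\n]*|/\*.*?\*/)                 # SQL comment
  | (?P<word>[A-Za-z_][A-Za-z_0-9]*)            # keyword or identifier
  | (?P<op>\S)                                  # any other single symbol
""", re.VERBOSE | re.DOTALL)

def skeleton(sql):
    """Reduce a statement to its structure; literal values become '?'."""
    parts = []
    for m in TOKEN.finditer(sql):
        if m.lastgroup == "lit":
            parts.append("?")
        elif m.lastgroup == "cmt":
            parts.append("/*comment*/")
        else:
            parts.append(m.group().upper())
    return " ".join(parts)

def learn(statements):
    """Build the baseline: how often each statement structure was seen."""
    return Counter(skeleton(s) for s in statements)

def flag_deviations(model, statements):
    """Return the statements whose structure was never seen during learning."""
    return [s for s in statements if skeleton(s) not in model]

if __name__ == "__main__":
    for stmt in flag_deviations(learn(TRAINING), OBSERVED):
        print("ALERT unseen structure:", stmt)
```

New literal values do not change a statement's structure, so the first two observed statements pass, while the two that add clauses the application never sends are flagged without any signature for them.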

Getting Customer Mindshare

In most organizations security is not strategic; it is simply an expense. Usually IT is understaffed and they spend a great deal of their time fighting the fire du jour. So the challenge is to offer such an extremely compelling and innovative value proposition that the customer will even give you an appointment.