CIOReview
CIOREVIEW >> Security >>

A Solution To The Long Time Problem Of SQL Attack

By CIOReview | Friday, February 7, 2014

FREMONT, CA: The Information Security Company DB Networks integrates intelligence SQL injection protection; IDS-6300 into databases to prevent intelligence security breaches. SQL injection attacks are ten year old problem and several solutions have been brought out to tackle it. Nevertheless, the former head of payment security for Barclaycard, Neira Jones notes that even now 97 percent of data breaches worldwide are due to SQL injection.

IDS-6300, released by DB Networks may be the ultimate answer to these attacks. This product detects intrusions into database and provides administrators with the intelligence to stop them. It is a hardware built on Intel as a 2U rack-mountable server. The device features four 10/100/1000 Ethernet Ports for data capture, one 10/100/1000 Ethernet admin port and one 10/100/1000 Ethernet customer service port, as well as a 480GB SSD and 2TB archival storage.

The device can be installed by plugging it into either a span port or a tap port positioned at the core switch in front of the database servers. This will place the device logically ahead of the database servers, yet behind the application servers, so it can focus on SQL traffic. The IDS-6300 is managed via a browser-based interface and supports Chrome, Internet Explorer, Firefox and Safari browsers. It will also fully support IE11 in the near future.

It automatically discovers any data base that experiences traffic including simple and basic SQL statements. It provides 24/7 monitoring of traffic and database activity. This device learns what the normal traffic is and either records or analyzes what it brings about and builds a behavioral model rooted on those facts.

In other words, the product learns how a gadget works in collaboration with a database and uses information to create behavioral model. It then uses numerous detection techniques to validate future SQL statements and against expected behavior. The behavioral analysis eliminates the need for signature, blacklists and other technologies that rely on pattern matching or static detection. It also brings down operational overhead and maintenance works.

The constant scrutiny provided by IDS-6300 is decisive in the process of ensuring security. Information on what precisely is operating on the network and what is exposed to attacks plays a key role in preparing a mitigation strategy for security problems.

When SQL injection is detected, the security device captures all the traffic and transaction information around that attack. It categorizes, analyzes and presents the critical information as to which code need to be modified or firewall requirements.

Frank Ohlhorst, popular technology journalist reports for Enterprise Networking Planet website that this device is mandatory for organizations trying to improve application codes. Especially because of the open source software and other application development processes, it is essential to look into the details of the possible security flaws and this is exactly what IDS-6300 does.

Currently, DB Networks is the only company using behavioral analysis, coupled with machine learning to deal with detecting SQL injection.

Check Out Review Of CIOReview: CrunchbaseGlassdoor

Check This Out: CIOReview OverviewMuckrack