Database Auditing & Protection

The ease with which the internet can be accessed and the connectivity that it provides has created entirely new forms of cybercrime, changing once and for all how consumers, businesses and governments view the responsibility of protecting sensitive data stored in their databases.

Overview

Database Auditing & Protection (DAP) solutions provide both auditing and protection; not only do they provide comprehensive insight into WHO, WHEN and HOW has accessed your sensitive data but also protect databases from unauthorized access. DAP solutions address all aspects of database security and compliance with best-in-class database auditing and real-time protection without jeopardizing performance or availability.

Characteristics

Our DAP solutions share the following minimum characteristics:
Optimum Auditing & Protection
Capability to analyze all database activity in real time, providing organizations with a proactive security enforcement layer and detailed audit trail that illustrates the 'Who, What, When, Where, and How' of each transaction. Multi-action alerts and temporary quarantines without disruptions in critical business processes
Highly Effective
Capability to align DAP access/audit policy and protection directly with organizational cybersecurity policy, thus enabling swift and effective deployment of organizational security frameworks
Simplified Management
Incorporated centralized administration ensures changes across the board and reduces management costs
Instrumental Reporting
Capability to generate purpose-built reports useful for both internal audit and legal/regulatory compliance
Deployment Flexibility
The deployment model of the DAP solution is designed to fit the organizational needs of the existing environment, not any single vendor's solution

Features

Detection of Unauthorized Access, Fraudulent Activity
Ability to learn normal user access patterns to data using Dynamic Learning and Adaptive Normal Behavior technologies that detect material variances
Unified Policy Deployment & Enforcement
Centralized management of audit and assessment of heterogeneous systems simplifies the management of these processes, while automation reduces the amount of resources needed to maintain compliance
Effective User Rights Management across Databases
User rights across heterogeneous data stores are automatically aggregated, helping the establishment of an automated access rights review process needed to eliminate excessive user rights
Audit Analysis for Incident Investigation & Forensics
Access to both historical and real-time data provides incident response teams accurate and contextual visibility into activity in real time
Virtual Patching
Capability to look at the environment and match it to known vulnerabilities, providing exactly which data is at risk. Virtual patching blocks attempts to exploit specifically known, but unpatched vulnerabilities
High Availability
The key feature in achieving high availability and resilience is the use of DAP active-passive clustering mechanism, which offers uninterrupted operations during system updates and maintenance

Deployment

Drawing from our ever-growing expertise, developed through our Technology Risk Solutions and Managed Security Services (MSS) divisions, we will first assess your organization’s needs based on your existing infrastructure, network architecture, applications and systems’ setup. Once we have a well-rounded understanding, we proceed by proposing the best-suited DAP solution that fits your environment.

Remaining Secure

Our suite of post-deployment services is designed to offer further enhancements to your network, systems and applications, as follows:

Maintenance & Support

Integration with ClearSkiesTM NG SIEM-as-a-Service

Full-fledged 24/7 Managed & Security Log monitoring

This solution comprises part of the “Test & Assess’’, ‘’Design & Implement”, ‘’Monitor & Respond’’ and ‘’Consulting’’ phases of our Information Security Continuum (ISC).