AppRadar Supports Intrusion Detection for Enterprise Databases
AppRadar 1.0 from Application Security Inc. is an intrusion protection product aimed at protecting enterprise databases.
AppRadar 1.0 has an underlying knowledge base of database-specific best practices, vulnerabilities, threats and misconfigurations. The knowledge base is updated monthly with Application Security Automatic Protection updates. The first version supports Microsoft SQL Server; future versions will support other databases.
Threats that AppRadar will detect include: buffer overflow attacks that exploit known vulnerabilities to gain privileged access; password attacks such as when an attacker attempts to log into a database using different account and password combinations; Web applications attacks in which attackers compromise a database through a front-end Web application or via SQL injection; privilege escalation, when unauthorized access to the database can be checked using rules that monitor for individuals attempting to elevate their access privileges; accessing operating systems resources; and audit and system event rules that provide easy ways to audit databases and track what has been accessed and capture changes to permissions.
"We are providing proven security methodology that has been implemented for network or host security exclusively to databases," says Ted Julian, vice president of marketing for Application Security.
AppRadar is priced at $2,000 for a single database sensor and a Web console that captures alerts from the sensor; the annual subscription service to support the product will be priced separately; the company is still working out details.
Application Security also unveiled version 4.0 of AppDetective, is vulnerability assessment product for enterprise databases. The new release adds the AppSecInc Console, a Web-based client that allows administrators to monitor and manage distributed vulnerability scans from a central location.
AppDetective supports Oracle, Microsoft SQL Server, IBM DB2, Sybase and Lotus Domino Mail applications. AppDetective is priced at $900/year on a subscription basis, with updates included.
The company also offers DbEncrypt, for encrypting data within databases at a column level if so desired.
February 10, 2004
W32/Vesser.worm.a is a worm that spreads via the peer to peer file-sharing application Soulseek, and may attempt to spread via the remote access component created by the W32/Mydoom.a@MM and W32/Mydoom.b@MM viruses, according to McAfee, which issued an alert Tuesday.