Introducing the product


The challenge

"Database Activity Monitoring provides privileged user and application access monitoring that is independent of native database logging and audit functions. It can function as a compensating control for privileged user separation-of-duties issues by monitoring administrator activity. The technology also improves database security by detecting unusual database read and update activity from the application layer."
Gartner, 2009

Managing sensitive information is critical to any organization. Protecting against data leakage, unauthorized access and manipulation of sensitive data is a huge challenge. Leakage, whether unintentional or intentional, has a significant impact on the business: financial losses, damage to brand reputation and legal problems.

Globalization and the connectivity provided by the Internet are catalysts for the actions of groups and individuals, who can damage or destroy the value of a brand merely by publishing the private data of people (addresses, medical data, etc.), businesses (tenders, trade secrets, plans, etc.) and entire nations (communications, plans, strategies, etc.).

In recent years, with the growing volume of data and transactions, detecting suspicious and/or malicious behavior has become a technically complex problem and, depending on the proposed approach, an intractable one.

www.dattashield.com

The product

In essence, DattaShield is a transaction monitoring product, with non-intrusive deployment, that detects and alerts on suspicious behavior and unauthorized access. The solution is based on real-time processing techniques performed in a distributed manner in a cluster, which makes it feasible to perform complex analyses of the data and metadata of captured transactions.

Moreover, because DattaShield collects and stores the transaction records, it can support companies that want or need to achieve certifications recognized by the market:

PCI-DSS: Payment Card Industry Data Security Standard;
SOX: Sarbanes-Oxley Act;
HIPAA: Health Insurance Portability and Accountability Act.

Architecture and Installation

DattaShield was designed and developed to support a large volume of data, processing tens of millions of concurrent transactions based on a distributed and redundant storage structure. In addition, it is designed to be horizontally scalable, depending only on the customer's need. The solution is deployed either by collecting network traffic (port mirror) or by collecting logs (SysLog) directly from the databases.

[Figures 1 and 2: kinds of installation. Figure 1, integration via port mirror: applications and customers, switch, port mirror, database (TCP/SQL). Figure 2, installation via Syslog: applications and customers, database, Syslog (TCP).]

Suspicious activity alerts

The solution allows the security team to create and manage rules to detect patterns, violations, suspicious behavior and attacks through a simple, friendly interface. Rules can filter transactions by combining parameters such as the source IP or network of the transaction, the user running it and the transaction type (UPDATE, DELETE, etc.), among others.

[Screenshot 1 of 2]

Real-time notification

The product supports notifications via email, SMS and SysLog, configured by the team that manages the tool.

Transaction auditing

It provides auditing and viewing of transactions performed at specific times, supporting forensic analysis of incidents and usage and simplifying surveys and investigations.

Detecting internal attackers

"Lost business represents the largest data breach cost category. These costs refer to abnormal turnover of customers, increased customer acquisition activities, reputation losses and diminished goodwill. The cost of lost business averaged R$1.03 million or 39 percent of the total data breach cost. The average abnormal churn rate was 2.4 percent with a minimum churn rate of 0 percent and a maximum churn rate of 6.5 percent."
2013 Cost of Data Breach Study: Brazil, Ponemon Institute

Based on data mining algorithms and profile detection using transactional patterns, DattaShield detects and alerts on abnormal, and therefore suspect, behavior by any database user. This detection reveals activity at unconventional and unusual times. DattaShield's storage and processing are based on Big Data and Analytics tools.

Users and access control

DattaShield can use LDAP as the basis for authenticating and authorizing users of the tool.

Reports and statistics

The product has a set of specific and detailed reports on transactions, events, connections, rules and violations that occurred in a given period of time, giving the security manager a complete overview of database usage. In addition, specific reports can be generated for particular audits, such as PCI-DSS.

Dashboard indicators

Personalized dashboards based on the customer's needs. Panels for situation room and SOC.

[Screenshot 2 of 2]

Protect your company data

Learn more about this solution and protect your company's critical data. Request a Proof of Concept (POC).

contact@dattashield.com +55 21 3197-6069