RSA CONFERENCE 2006 — Helping organizations to accommodate a tightening regulatory environment and prevent unintended exposure of sensitive data, Application Security, Inc. (AppSecInc) (www.appsecinc.com) today announced unprecedented capabilities in the latest version of AppRadar(TM), the industry´s most comprehensive real-time intrusion detection and security auditing solution.
In contrast to reactive, log-based approaches, AppRadar 3.0 enables enterprises to defend against application vulnerabilities in real-time while ensuring strict adherence to regulatory requirements. Importantly, the new version brings these features to the database platforms most prevalent within large enterprises — Oracle, Microsoft SQL Server, IBM DB2 and Sybase.
AppRadar remains the industry´s only offering to provide enterprise-class database security and intelligent, real-time monitoring/auditing capabilities in one solution. AppRadar is unique in the breadth of its real-time monitoring coverage and the context it provides to optimize security and compliance efforts. While monitoring millions of events as they happen, AppRadar can protect databases against the latest attacks (such as the Oracle Voyager worm) and alert on abuse or misuse without degrading database performance.
As a result, rather than creating yet another database of undifferentiated log data or an avalanche of ill-defined alerts, AppRadar focuses in on both the critical security issues and meaningful audit events that could signal a security breach or other compliance risk.
Among a host of new capabilities in AppRadar 3.0, two stand out as benchmarks for the industry:
— “Compliance-ready” monitoring/security auditing — AppRadar is the first database IDS and security auditing solution to allow customers to define, at a granular level, the criteria for events to be monitored, as well as the customer data that will — or will not — be captured as part of that process. This allows organizations to avoid:
— Managing gigabytes of useless audit data,
— Mixing significant and extraneous data, and most importantly,
— Not storing unnecessary, sensitive data in another database that needs to be audited.
AppRadar also self-audits in order to provide a complete, end-to-end trail of system events (like system start and system stop).
— Dynamic vulnerability assessment/protection — Through tighter integration with AppSecInc´s industry-leading AppDetective(TM) vulnerability assessment solution, organizations can specifically and automatically address the sensitive gap between the identification of vulnerabilities and remediation. In the process of managing vulnerabilities on the database, AppDetective automatically creates a custom AppRadar policy to monitor any remaining open threats in an organization´s infrastructure. This allows for an immediate productive monitoring process until any remaining vulnerabilities are resolved, thus closing the loop without unnecessary configuration.
“Securing sensitive data at its source needs to be a primary consideration for enterprises of all sizes,” said Eric Ogren, security analyst at the Enterprise Strategy Group. “An automated process of continually auditing user activity and assessing databases for vulnerabilities is an essential information security skill. AppSecInc, specialists in database security, is extending an impressive portfolio of products to secure information in database applications.”
AppRadar 3.0: Granular control, demonstrable compliance, real-time protection
AppRadar allows organizations to ensure access to key applications with confidence by providing the application-specific, real-time monitoring necessary to prevent attacks and support compliance. While monitoring traffic to and from critical data at the application level, AppRadar applies the industry´s most extensive set of security checks. It also focuses on any activity that leverages known vulnerabilities, allowing it to detect even new variants of known attacks. AppRadar also enables granular user-based and activity-based monitoring, so organizations can tune alerting to their specific requirements. As a result, AppRadar immediately detects application-level security exploits like SQL injection, as well as misuse such as a legitimate user´s attempt to steal customer credit card data.
In addition to “compliance-ready” monitoring/security auditing and intrusion detection, new features in AppRadar 3.0 include:
— ASAP Update support — new policies and rules for download regularly generated by AppSecInc´s world-class research and threat-identification arm.
— Improved alerting — flexible email triggers allow for different rules and responses based on users/groups and priorities; “Active Response”
capabilities can trigger predefined actions — such as initiating an AppDetective scan — when certain events occur.
— Streamlined management — single net-based sensor can audit and monitor Sybase, DB2 and Oracle, and event management for all databases can be performed from a central console.
— Expanded “best practices” support — import/export policies created by AppSecInc, other AppSecInc customers, or industry colleagues to facilitate and share best practices.
— Compliance templates — pre-configured policies for meeting Sarbanes-Oxley, HIPAA, FISMA and Payment Card Industry (PCI) compliance requirements, as well as reports to demonstrate requirements are being met.
“Our financial services clients demand strong database protection, while ensuring Sarbanes-Oxley and GLBA compliance,” said Les Flammer, president of The Vantage Group. “The innovative database monitoring and alerting capabilities in AppRadar 3.0 deliver just that — the industry´s most comprehensive, rapid defense against application vulnerabilities and the assurance of strict regulatory compliance.”
“Last year drove home the reality that if you haven´t secured data at the source in the database, then your most sensitive and valuable information is anything but secure — and your organization is most likely in violation of any number of regulatory mandates,” said Ted Julian, vice president of strategy for AppSecInc. “Smart organizations have realized that repeatable best practices, proactive assessment, and continuous granular monitoring are the foundation of a successful security and compliance strategy. Our products provide them the tools needed to accomplish that and AppRadar 3.0 takes that support to an even higher level with new platforms and features.”