Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

A New Approach to Database Security

Startup Sentrigo prepares to launch Hedgehog, a new tool that works at the cache memory level

Startup vendor Sentrigo Monday will unveil a new database security tool that can detect unauthorized changes by hackers or insiders -- without hogging all of your database server cycles.

The product rollout will be the first to come out of Sentrigo, a venture-backed company that received $3.5 million in first-round funding last month. At that time, the company would only give a general description of its technology, without product names or technical specifics. (See Sentrigo Gets Funding.)

In an interview yesterday, however, Sentrigo officials revealed the first details of Hedgehog, a new tool that can detect database intrusions at a granular level and shut them down in real time.

"We have what we feel is a revolutionary approach to database security," says Nathan Shuchami, CEO of Sentrigo. "It's a completely different way of addressing the problem."

Hedgehog is a software-only monitoring tool that attaches sensors to the cache memory of a database machine, Shuchami explains. It can detect any access by outsiders or insiders, and it can track the specific changes made at the object level, he says.

Most third-party database security tools, such as Guardium and Imperva, are designed to stop outsiders from hacking in, usually through a network appliance. But Shuchami observes that such appliances may not stop tampering by authorized insiders, such as database administrators, who can access the database server directly, without going through the network.

Database vendors such as Oracle also offer their own security tools, but they are generally designed to do security audits and not real-time monitoring or intrusion prevention, Shuchami says. "Oracle Audit is problematic because it requires a lot of processor power," he notes. "It can cause the organization to double its CPU requirement for a database."

By attaching sensors to the database's cache memory, Hedgehog can detect any changes to the database, whether they are made by hackers or authorized insiders, Shuchami explains. The sensors work at the hardware level, which means they aren't dependent on the network and they don't put extra stress on the database server itself.

Eric Ogren, principal analyst with the Ogren Group, says the new technology is different from what the market has seen so far. "Hedgehog's unique approach makes the product a compelling option for organizations looking to intensify their focus on database protection."

Several early customers offered testimonials for the product, including the Bank of Israel and Bun-Gurion University, one of Israel's largest educational institutions with more than 17,000 students.

"Hedgehog allows us to defend our database from prying eyes, without the need for expensive new hardware or changes to our infrastructure," says Eran Lachs, systems section manager at Ben-Gurion.

In the next two weeks, Sentrigo will launch a free trial of the software, which will remain free for small and medium-sized businesses, Shuchami says. Larger enterprises will be able to try out the software for free, and if they choose to deploy it, they will pay a one-time fee of $2,000 per CPU. Subscription services will also be offered for security updates.

— Tim Wilson, Site Editor, Dark Reading

  • Guardium Inc.
  • Imperva Inc.
  • Sentrigo Inc. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Why Cyber-Risk Is a C-Suite Issue
    Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
    DevSecOps: The Answer to the Cloud Security Skills Gap
    Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
    Unreasonable Security Best Practices vs. Good Risk Management
    Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Current Issue
    Navigating the Deluge of Security Data
    In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
    Flash Poll
    Rethinking Enterprise Data Defense
    Rethinking Enterprise Data Defense
    Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2019-19012
    PUBLISHED: 2019-11-17
    An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or ...
    CVE-2019-19022
    PUBLISHED: 2019-11-17
    iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git r...
    CVE-2019-19035
    PUBLISHED: 2019-11-17
    jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file.
    CVE-2019-19011
    PUBLISHED: 2019-11-17
    MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.
    CVE-2019-19010
    PUBLISHED: 2019-11-16
    Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.