Sentrigo Launches Vulnerability Assessment Solution For Databases

Hedgehog Enterprise v4.0 combines features of Sentrigo DBscanner and integration with McAfee ePO

September 14, 2010

5 Min Read


SANTA CLARA, Calif.—September 13, 2010 — Sentrigo, Inc. the innovator in database security software, today announced a fully integrated database activity monitoring and vulnerability assessment solution for enterprises. Available immediately, Hedgehog Enterprise™ v4.0 provides a complete database activity monitoring and intrusion prevention platform combined with new capabilities to find, scan and validate databases containing sensitive information on a network to meet regulatory standards.

This latest version of Sentrigo’s flagship database activity monitoring software incorporates the new Hedgehog DBscanner™, a vulnerability assessment and security scanning solution, providing a single management interface to the full database security suite. Whether running one module or the entire Hedgehog suite, security and compliance events as well scan results can be seamlessly integrated into most common network and security monitoring systems, now including McAfee ePO.

Hedgehog DBscanner - vulnerability assessment for databases, designed specifically for the enterprise

Hedgehog DBscanner streamlines the process of identifying sensitive data on a network and securing it properly to meet regulatory standards. By improving visibility into vulnerabilities and providing expert recommendations for remediation, DBscanner protects against damaging breaches and saves money through better preparation for compliance audits.

With a comprehensive assessment of the most widely-deployed database management systems, Hedgehog DBscanner conducts more than 3,000 different checks of Oracle, Microsoft SQL Server, IBM DB2 and MySQL databases. The product automatically discovers databases on a network, and then locates and identifies tables containing restricted information such as passwords, credit card details and personally identifiable information(PII).

Hedgehog DBscanner checks for password vulnerabilities, including password strength, use of shared accounts/passwords, and embedded passwords within applications – all through highly efficient techniques to minimize load on production servers. Hedgehog DBscanner discovers misconfigurations and delivers recommendations and fix scripts where possible.

Designed to simplify compliance audits, Hedgehog DBscanner provides regulatory compliance report templates as well as custom reporting. Reports detail each database’s current version, patch level and any discovered vulnerabilities, including SQL injection, buffer overflow, and malicious or insecure PL/SQL and T-SQL code.

The new DBscanner, like the entire Hedgehog family of products, has been architected to operate seamlessly in virtualized or cloud computing environments.

“Users are increasingly anxious about the security of their data, and especially about inappropriate patterns of access,” said Carl Olofson, Research Vice President of database management and data integration software research at IDC. “Many database security products rely on a fairly static network topology, which is inhibiting the adoption of new IT deployment models such as virtualization and the private Cloud. Having the ability to protect database data despite a virtualized environment or shifting network deployment configurations would certainly encourage such adoption, and would free enterprises to deploy databases in more flexible and useful ways, knowing their data is safe.”

McAfee ePolicy Orchestrator (ePO) Integration

Real time security and compliance events generated by Hedgehog Enterprise v4.0 and scan results from Hedgehog DBscanner are integrated with the McAfee ePO dashboard, providing enterprise organizations with centralized reporting and summary information for thousands of databases from a common interface. For more detailed threat information and scan configuration, direct links from McAfee ePO open the Hedgehog Enterprise alert console or invoke the vulnerability scanning management console with granular control over every operation, allowing customers who have invested in centralizing their security management through McAfee ePO to gain additional value from the McAfee platform.

“Until now, the tasks of verifying that sensitive information is being adequately protected from growing threats, and being able to demonstrate that level of security to auditors in order to meet regulatory requirements, have been primarily based on snapshots at a point in time for each specific data asset,” stated Dan Sarel, vice president of products at Sentrigo. “Hedgehog DBscanner brings a whole new approach to solving this problem at the enterprise level, simplifying the audit process and dramatically reducing the resources required for each scan. By centralizing the scanning process, and most importantly, by making vulnerability assessment part of an ongoing scheduled process, organizations now have the necessary information at any time to respond to an audit, and can be proactive in closing any security gaps.”

Product Support and Availability

Hedgehog Enterprise v4.0 and Hedgehog DBscanner are available immediately, including evaluation versions of either individual product or the integrated suite. Hedgehog DBscanner supports scanning of Oracle version 9.1 or later, Microsoft SQL Server 2000 or later, IBM DB2 version 8.1 or later for Linux, UNIX and Windows, and MySQL version 4.0 or later.

Existing customers on support can obtain the upgrade to Hedgehog Enterprise v4.0 directly from Sentrigo’s support portal. Hedgehog DBscanner is a separately licensed module in the Hedgehog suite; existing customers wishing to utilize the vulnerability assessment capabilities should contact their account manager for an evaluation license or quotation.

More information about Hedgehog Enterprise 4.0 and Hedgehog DBscanner is available at

Tweet this: Sentrigo announces Hedgehog Enterprise 4.0 with integrated DBscanner for enterprise-level vulnerability assessment of databases

Follow Sentrigo on Twitter at:

About Sentrigo

Sentrigo is a recognized innovator in database security solutions, offering a full suite of products for vulnerability assessment, virtual patching and database monitoring/auditing. The company’s flagship product, Hedgehog Enterprise, provides Database Activity Monitoring (DAM) and real-time Intrusion Prevention, protecting sensitive data from external threats and misuse by privileged insiders. Hedgehog can be quickly and easily deployed at small and midsize organizations, and scales to handle the largest enterprises, providing full visibility into all database activity and allowing enterprises to enforce security policy and comply with regulatory requirements, such as PCI DSS, Sarbanes-Oxley, and HIPAA. The company has won wide acclaim for its technology leadership from publications such as Network World and SC Magazine, and recently received the Cloud Computing World Series Award as the ‘Best Security Solution’, the 2010 Global Product Excellence Award for Database Security from Info Security Products Guide and was a recipient of the 2010 Red Herring 100 North America Award. For additional information and to download Hedgehog, visit

Sentrigo, Sentrigo Hedgehog, Hedgehog IDentifier, Hedgehog vPatch and the Sentrigo logo are trademarks of Sentrigo, Inc. All other trademarks are the property of their respective holders.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights