informa
Products & Releases

Sentrigo Extends Database Security Offerings

Hedgehog 3.0 now supports Microsoft SQL Server 2008 running on Windows Server 2008, as well as SQL Server 2005 and SQL Server 2000 running on earlier Windows platforms
SAN MATEO, Calif.—August 25, 2009—Sentrigo, Inc., the innovator in database security software, today announced a substantial expansion of its flagship database activity monitoring and intrusion prevention suite. With this release, Hedgehog 3.0 now supports Microsoft SQL Server 2008 running on Windows Server 2008, in addition to already supported SQL Server 2005 and SQL Server 2000 running on earlier Windows platforms. Additionally, Hedgehog vPatch, Sentrigo's virtual patching solution, now includes dozens of additional protections specific to SQL Server. Hedgehog 3.0 also provides several enhancements based on customer input, specifically to meet the accelerating demand for database monitoring to satisfy regulatory requirements.

Sentrigo developed its first products for the Oracle platform, and support was added last year for the most widely deployed versions of SQL Server and Sybase based on customer demand. This latest version fully supports the most recent service packs from Microsoft, including SQL Server 2008 SP1 and Windows Server 2008 SP1.

Slavik Markovich, Sentrigo's chief technology officer, commented: "Hackers use slightly different methods to attack systems built on SQL Server compared to systems using other databases. For example, applications that use a SQL Server back end are commonly targeted by bots and worms, which can deliver a payload that does anything from taking control of the database machine to infecting other systems making use of the database and application. The latest version of Hedgehog is the best way to protect against these vulnerabilities before data has been compromised."

Sentrigo has also been working closely with customers using the solution in deployments to ensure compliance with industry regulations. New or enhanced compliance features now available, include:

  • Masking of sensitive information based on regular expressions " to further limit exposure of credit card numbers, social security numbers, and other PII, even for administrative users viewing alerts in the management interface and logs, data matching customizable filters is masked. By not displaying this information, compliance with HIPAA, PCI DSS, and other regulations is improved.

  • Alerts on excessive behavior " to better meet Sarbanes-Oxley requirements, Hedgehog can now monitor repeated valid activities that are likely to be indicative of a threat. For example, while a call center representative may have a need to confirm a credit card number is valid, dozens or hundreds of such requests within a short timeframe can now be set to trigger an alert.

  • High performance auditing " customers in high volume transactional environments with a need to audit and archive all database events and not simply alert on them, are now able to log activity to a flat file. This allows extremely fast real-time performance, while still providing complete offline review of logs to support forensic analysis.

    "Database Activity Monitoring is quickly becoming a requirement for organizations to demonstrate compliance with a range of industry regulations," stated Andy Feit, VP of Marketing for Sentrigo. "By working closely with leading companies in their respective fields, we are delivering an unmatched feature set that can help any organization most effectively protect their data, and prove to their auditors that they are doing so".

    Unmatched Database Security Capabilities Sentrigo's Hedgehog family of database security products includes these offerings:

  • Hedgehog Enterprise is the only database activity monitoring product to provide full visibility into all activity, including local privileged access, protecting the database in real-time with actionable alerts and intrusion prevention capabilities.

    Hedgehog is built on a memory-based architecture that cannot be bypassed by those who have direct access to the database. In addition, Hedgehog is uniquely suited for use in virtualized environments—unlike network-based appliances, Hedgehog sensors can transparently monitor transactions between virtual machines running within a physical server.

  • Hedgehog vPatch is a subscription service that protects customers' databases against known and zero day exploits during the critical time from when a vulnerability is discovered until a vendor patch can be applied. Unlike vendor patching, Hedgehog vPatch requires no downtime or application testing.

  • Hedgehog IDentifier is an add-on to Hedgehog Enterprise for detecting the person responsible for database activity in a pooled connection environment. IDentifier allows companies to conduct full audits for compliance purposes and to enforce granular control over database access policies.

  • Hedgehog Standard is a free version of the powerful Hedgehog software for smaller database environments, and is limited to alerting only. For more information, or to download this and other Sentrigo database activity monitoring products, please visit http://www.sentrigo.com.

    About Sentrigo Sentrigo, Inc. is a recognized innovator in database security. The company's Hedgehog software provides full-visibility database activity monitoring and real-time protection and has been rapidly adopted by Global 2000 companies to defend mission-critical data against insider misuse as well as outsider intrusion. Enterprises across industry sectors are also using Sentrigo Hedgehog to accelerate compliance with regulatory requirements such as PCI DSS, Sarbanes-Oxley and HIPAA. Sentrigo has won wide acclaim for its industry and technology leadership by publications such as Network World and SC Magazine. For additional information or to download a free trial, visit www.sentrigo.com.

  • Recommended Reading: