






language (SQL) to pass commands. Once the attacker has exploited a SQL injection vulnerability in the web
application, the attacker enjoys a direct path to the database from what the database sees as a trusted source.

The Federal Information Security Management Act (FISMA) includes continuous monitoring compliance
requirements specified in NIST SP 800-53. All federal agencies, and any organization that provides IT
services to the federal government, must be FISMA compliant. The federal government is taking a lead
in database security by requiring Core IDS functionality to monitor database transactions, and the
contents of those transactions, as the information is transmitted.

It's clear that monitoring all SQL statements between your web application and databases is necessary
for the Advanced Threat Detection (ATD) of rogue SQL. SQL statement monitoring is best accomplished
with a Core IDS or a database firewall appliance operating on a mirrored network port (a SPAN or tap
port) at the database tier. At the database tier the actual SQL statements can be observed, fully
assembled, whereas a web-tier filter sees only the request parameter before the application has built it
into a statement. A Core IDS can operate completely non-intrusively, without interfering with your
database management system or your database activity monitoring (DAM) tools. One caveat for any
passive capture: it only works where the application-to-database session is in cleartext on the wire; if
that session is protected with TLS, the appliance must be given the session keys or placed where it can
see plaintext. DB Networks' Core IDS and database firewall take these products a step further through
behavioral analysis that examines the captured SQL statements and identifies SQL injection attacks in
real time. The DB Networks behavioral analysis model can identify rogue SQL statements, including
zero-day attacks for which no signature exists, because rogue SQL statements simply don't match the
normal behavior of the legitimate web application's database transactions.
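To make the behavioral idea concrete, here is an added example that is not DB Networks' code and not code from the original article: a toy detector that learns the structural fingerprint of each legitimate statement (literals folded to placeholders, keywords and identifiers kept) during a learning window, then flags any in-flight statement whose shape it has never seen. It needs no attack signatures, which is why it also catches the comment, tautology and UNION payloads below even though none of them appears in its training data. The vulnerable login query builder, the table and column names and both traffic samples are constructed for the illustration; the builder also shows the concatenation flaw described at the top of the page, where attacker input becomes part of the statement the database trusts.

```python
# Added example (not DB Networks' code): a toy "behavioral" detector that
# learns the structural fingerprint of legitimate SQL statements and flags
# in-flight statements whose shape it has never seen. The application query
# builder, table/column names and traffic samples below are all constructed
# for the illustration.
import re
from typing import Iterable, List, Set

# Tokenizer for the statement text a Core IDS would capture at the database
# tier. String and numeric literals, comments, words and operators are each
# recognised so that literals can be folded into placeholders.
# Simplification: only SQL-standard '' escaping inside strings is handled.
TOKEN_RE = re.compile(
    r"""
    (?P<string>'(?:[^']|'')*')
  | (?P<number>\b\d+(?:\.\d+)?\b)
  | (?P<comment>--[^\n]*|/\*.*?\*/|\#[^\n]*)
  | (?P<word>[A-Za-z_][A-Za-z0-9_.]*)
  | (?P<op><>|<=|>=|!=|\|\||[(),;=<>*+\-/%])
  | (?P<space>\s+)
    """,
    re.VERBOSE | re.DOTALL,
)


def fingerprint(sql: str) -> str:
    """Reduce a statement to its structure: keywords, identifiers and
    operators are kept (case-folded), literals become STR/NUM, comments
    become COMMENT. Two statements from the same application code path
    therefore share one fingerprint no matter what user data they carry."""
    parts: List[str] = []
    pos = 0
    while pos < len(sql):
        m = TOKEN_RE.match(sql, pos)
        if m is None:
            parts.append("?")  # unexpected byte: keep it visible, it is itself a signal
            pos += 1
            continue
        pos = m.end()
        kind, text = m.lastgroup, m.group()
        if kind == "space":
            continue
        if kind == "string":
            parts.append("STR")
        elif kind == "number":
            parts.append("NUM")
        elif kind == "comment":
            parts.append("COMMENT")
        elif kind == "word":
            parts.append(text.lower())
        else:
            parts.append(text)
    return " ".join(parts)


class SqlBaseline:
    """Learns the fingerprints produced by the legitimate application during a
    training window, then reports any statement outside that set as rogue."""

    def __init__(self) -> None:
        self.known: Set[str] = set()

    def learn(self, statements: Iterable[str]) -> None:
        for sql in statements:
            self.known.add(fingerprint(sql))

    def is_rogue(self, sql: str) -> bool:
        return fingerprint(sql) not in self.known


def build_login_query(username: str, password: str) -> str:
    """Constructed web-tier code with the flaw the article describes:
    user input is concatenated straight into the statement."""
    return (f"SELECT id FROM users WHERE username = '{username}' "
            f"AND password = '{password}'")


# Constructed sample of legitimate traffic seen during the learning window.
LEGIT_TRAFFIC = [
    build_login_query("alice", "s3cret"),
    build_login_query("bob", "hunter2"),
    "SELECT name, price FROM products WHERE id = 42",
    "UPDATE carts SET qty = 3 WHERE cart_id = 9 AND product_id = 42",
]

# Constructed sample of later traffic, with three injected statements mixed in.
OBSERVED_TRAFFIC = [
    build_login_query("carol", "pa55"),                       # legitimate
    build_login_query("admin'--", "x"),                       # comment cuts off the password check
    "SELECT name, price FROM products WHERE id = 7",          # legitimate
    "SELECT name, price FROM products WHERE id = 42 OR 1=1",  # tautology
    "SELECT name, price FROM products WHERE id = 7 "
    "UNION SELECT username, password FROM users",             # data theft
]


def detect_rogue(baseline_traffic: Iterable[str], observed: Iterable[str]) -> List[str]:
    """Train on baseline_traffic, then return the observed statements whose
    fingerprint was never produced by the legitimate application."""
    baseline = SqlBaseline()
    baseline.learn(baseline_traffic)
    return [sql for sql in observed if baseline.is_rogue(sql)]


if __name__ == "__main__":
    for sql in detect_rogue(LEGIT_TRAFFIC, OBSERVED_TRAFFIC):
        print("ROGUE:", sql)
        print("      ", fingerprint(sql))
```

Two design points carry over to real deployments. Identifiers are deliberately kept in the fingerprint, so a statement that touches a table the application never queries is flagged even when its grammar is ordinary; and the baseline is learned per application, so the learning window must cover every legitimate code path (a release that adds a new query needs a new learning pass, or it will be reported as rogue).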


At the end of the day it's about an effective database defense-in-depth strategy, one that includes
monitoring of all SQL statements that are in flight at the database tier. Only then can you truly get your
arms around the advanced SQL injection threat.





About The Author

Michael Sabo is the VP of Marketing at DB Networks. Michael has over
25 years of marketing and strategic planning experience. Prior to DB
Networks, Michael was at Intel Corporation where he was responsible
for strategic planning. Previously, Michael held senior marketing,
business development, and product engineering positions in the
telecommunications industry, including at AirFiber, Rhythms
NetConnections, US West, and Contel. Michael earned a B.S. in
Computer Science from Wright State University and a Master's in
Management Information Systems from the University of Denver.
Michael can be reached through our company website at
www.dbnetworks.com









15 Cyber Warnings E-Magazine – August 2013 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide