Big news from DB Networks, a provider of database cybersecurity products. They partnered with Cyphort to offer customers full spectrum visibility from the desktop and network perimeter to deep in the database, and their Layer 7 Database Sensor has been chosen to power Security On-Demand’s Database Threat Protection service.
Cyphort’s Advanced Threat Defense platform will leverage event information from DB Networks’ Layer 7 Database Sensor to help increase fidelity on verdicts of malicious content.
Both Cyphort and DB Networks leverage the power of machine learning coupled with behavior analysis, to provide detection that evolves with threats and protects against new zero-days, APTs and evasive attacks.
Attackers are always trying to move and spread threats to as many locations as possible. From there, they typically look for escalated privileges for an attack on a database. Since the attack can be someone with database privileges, it is important to triangulate what the database is doing as well as the user. By combining these results, typically hidden threats become obvious.
“The combination of Cyphort and DB Networks provides enterprises with a comprehensive analysis of the kill chain,” said Rami Shalom, vice president of product management at DB Networks. “Enterprises can now observe and mitigate risk throughout their entire infrastructure including risks effecting critical data assets, thereby focusing attention on the riskiest activities.”
Database Threat Protection is part of ThreatWatch 2.0 and provides visibility into which applications and users are making connections to the databases. A baseline of normal activity is established for each customer. Alerts for anomalous activity are generated and triaged in Security On-Demand’s 24 x 7 Security Operations Center.
“Databases can be a blind spot for businesses. Many organizations lack policies and procedures for creating or copying databases. The result is a sprawl of undocumented databases. You can’t protect what you don’t know about. With this service, we offer unprecedented insights into database activity, vastly improving the ability to identify insider and external threats,” said Peter Bybee, CEO of Security On-Demand.