Saturday, March 3, 2018

Sentrigo was a privately held software company located in Santa Clara, California, USA, until its acquisition in April, 2011 by McAfee.

The company was founded in 2006 by Nathan Shuchami and Slavik Markovich to address several key challenges in database security: specifically, the inability to monitor the activity of privileged users (including those who obtained such credentials through nefarious means) and the difficulty of keeping a DBMS at the most current patch level. The company's products later expanded into a broader suite of database security offerings, including database audit and vulnerability assessment.

Investors in Sentrigo included: Benchmark Capital, Stata Ventures and Juniper Networks.


Hedgehog Database Security Suite

Hedgehog is a family of products providing vulnerability assessment and database activity monitoring for the purposes of reducing the risks of a data breach and meeting compliance regulations related to sensitive data. Hedgehog allows customers to protect databases such as Oracle, Microsoft SQL Server, and Sybase, without interfering with their day-to-day operations.


Hedgehog Enterprise Database Activity Monitoring

The company's primary product, introduced in 2007, Hedgehog Enterprise provides the core monitoring capability based on a sensor and server model. The sensor resides on the database server's OS and monitors the memory/cache for suspect database transactions, sending alerts in real time to the management console. Thus, unlike network-based or host-based intrusion detection systems (IDS) or intrusion prevention systems (IPS), Hedgehog can fully monitor databases running on virtual machines or even in the cloud. The server is a Java-based application that communicates with the sensors and can centrally monitor hundreds of databases. Based on a set of policies and rules, the system can audit, alert on, or suspend sessions that violate preset conditions.


Hedgehog DBscanner

Announced in September, 2010, Hedgehog DBscanner is an enterprise vulnerability assessment solution for databases. It includes capabilities for automatically finding databases on the network, and then subjects them to more than 3,000 different security checks. Reports provide details on discovered vulnerabilities such as the current patch level, weak passwords, shared accounts, configuration errors, and insecure database code. DBscanner can be implemented along with Hedgehog Enterprise, in which case it shares a common management console, or can be run as a standalone module.


Hedgehog vPatch

vPatch is a solution for "virtual patching" of databases, addressing the problem that many customers are unable to apply security patches to their databases in a timely manner. This may be due to the inability to schedule downtime for a production system, the time lag for testing and third-party support of applications built on top of the database, or numerous other reasons. Sentrigo vPatch includes a set of rules which generate alerts when known vulnerabilities are exploited, and can be used to terminate attackers' database sessions. vPatch rules are updated on a frequent basis as new security updates are issued by the DBMS vendor, or as new vulnerabilities are discovered by Sentrigo's research team or partners.


Hedgehog IDentifier

A common practice in developing applications (and web applications in particular) is the use of fat database accounts (common schema) and pooled connections to enhance application performance. Using this approach raises a problem with full end-to-end user tracking in the database layer. The database is unable to see end-user details like username and IP address, only seeing the application server IP and the common schema account. Hedgehog IDentifier solves this problem by providing an application server plug-in that captures end-user information and transparently propagates it to the database tier by using standard database APIs. No application changes are required. IDentifier supports custom Java and .NET applications as well as all the major business applications. Some technical details are available in this blog entry.
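As an added illustration of the problem described above (this is not Sentrigo's IDentifier code, which the article does not show), the following Java helper stamps the authenticated end user onto a pooled JDBC connection through the standard Connection.setClientInfo API and clears it again before the connection goes back to the pool, so the database's audit trail sees the real user rather than only the shared schema account. The class name, the use of Oracle's OCSID.CLIENTID client-info key and the 64-byte identifier limit are assumptions about the Oracle JDBC driver, not facts from the article; other DBMS vendors expose the same idea under different keys.

```java
import java.sql.Connection;
import java.sql.SQLClientInfoException;
import java.sql.SQLException;
import javax.sql.DataSource;

// Hypothetical helper: tags a pooled connection with "user@clientIp" so that
// database-side monitoring can attribute activity to the end user instead of
// the application's common schema account.
public final class EndUserTaggedConnection implements AutoCloseable {
    // Oracle JDBC maps this client-info key to the session's CLIENT_IDENTIFIER
    // (assumption: Oracle driver 12c or later; other vendors use other keys).
    private static final String CLIENT_ID_KEY = "OCSID.CLIENTID";
    private final Connection conn;

    public EndUserTaggedConnection(DataSource pool, String endUser, String clientIp)
            throws SQLException {
        Connection c = pool.getConnection();
        try {
            c.setClientInfo(CLIENT_ID_KEY, sanitize(endUser + "@" + clientIp));
        } catch (SQLClientInfoException e) {
            c.close();   // never hand out a connection that is not attributed to a user
            throw e;
        }
        this.conn = c;
    }

    public Connection get() { return conn; }

    // Keep the tag printable and bounded so it cannot smuggle control
    // characters into audit records or exceed the identifier length
    // (assumed limit: 64 bytes for Oracle's CLIENT_IDENTIFIER).
    static String sanitize(String tag) {
        String clean = tag.replaceAll("[^A-Za-z0-9@._:-]", "_");
        return clean.length() > 64 ? clean.substring(0, 64) : clean;
    }

    @Override
    public void close() throws SQLException {
        try {
            // Clear the tag first: the pool may reuse this physical connection
            // for a different end user, and a stale tag would misattribute activity.
            conn.setClientInfo(CLIENT_ID_KEY, null);
        } finally {
            conn.close();   // returns the connection to the pool
        }
    }
}
```

Typical use is `try (EndUserTaggedConnection t = new EndUserTaggedConnection(ds, user, ip)) { ... t.get() ... }` from the layer that already knows the authenticated user, which is the role the article assigns to the application-server plug-in.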


FuzzOr

FuzzOr (fuzzer for Oracle) is an open source software tool developed by Sentrigo. FuzzOr provides database administrators and programmers with the ability to test PL/SQL code for security vulnerabilities. The tool discovers vulnerabilities by attempting to exploit the code and is particularly helpful in finding SQL Injection and Buffer Overflow vulnerabilities. Sentrigo provides the tool free of charge.


External links

  • Official Site
  • Musings on Database Security by Slavik Markovich
  • Fuzzing tool helps Oracle DBAs defend against SQL injection

Source of article : Wikipedia