McAfee Database Security

Transcription:

McAfee Database Security
Sagena Security Day 6 September 2012
September 20, 2012
Franz Hüll, Senior Security Consultant

Agenda
- Overview database security
- DB security from McAfee (Sentrigo)
- VMD: McAfee Vulnerability Manager for Databases
- DSS: McAfee Database Security Scanner
- DAM: McAfee Database Activity Monitoring
- VPT: Virtual Patching
- Demo
- Q&A

Database Security and the Enterprise
- Databases power the largest applications in the world
- Customers store their most critical and sensitive data in databases; any loss, interruption, or breach could be disastrous
- Any vulnerability, misconfiguration or exploitation means non-compliance with audits (HIPAA, SOX, PCI, etc.)

Securing your databases can be very challenging without the right solution
- "I'm not even sure where all my databases are, or how securely they are configured."
- "We have limited visibility or controls over actual activity in our databases, especially by privileged users."
- "My auditors require logs showing exactly who made changes to certain data, but some of our applications connect directly to the database so I don't always know who issued commands."
- "Many of our applications are running on top of databases that are too critical to take down, or on ones that the DBMS vendor doesn't even release patches for anymore."

The Reality Is
- Database servers are involved in 25% of all breaches
- Database breaches account for 92% of all records breached
Source: Verizon Business Study 2010

Databases Contain Your Crown Jewels
- Customer Records and PII: credit card numbers, account numbers, billing information, authentication data
- Employee Information: SSNs, salary, reviews
- Financial Data and IP: revenue, receivables, research

Need to be Compliant
- Regulations require sensitive data be handled securely
  - PCI DSS, Sarbanes-Oxley, HIPAA, SAS 70, GLBA, and other industry-specific regulations
- Breach Notification Laws Increase Visibility
  - Originally CA SB1386, now in 46 states and widely adopted worldwide
  - U.S. House passed HR 2221 in December, Senate has 2 bills on the floor now
  - EU legislation expected
- Internal IT Governance Dictates Process
  - Timely installation of patches
  - Segregation of Duties

Why Isn't My Database Secure?
- Technology
  - Accessed constantly by multiple applications, users
  - Impossible to lock down without impacting accessibility
  - Vulnerable (SQL injection, buffer overflow)
- Process
  - Patches (e.g. Oracle CPU) not applied in a timely manner
  - Implementation practices (default/shared passwords, etc.)
- People
  - Accessed by DBAs, Sys Admins, programmers

DB Security - The Products
(Columns on the slide: McAfee Product, Target Audience, ePO Integration)
- MFE Vulnerability Manager for Databases (VMD). Target audience: Enterprise, Government, SMB.
- McAfee Database Security Scanner (DSS). Target audience: Enterprise, Government, SMB, Consultants, Auditors, (DBAs).
- McAfee Database Activity Monitoring (DBM). Target audience: Enterprise, Government, SMB. ePO integration: in progress.
- McAfee vPatch for Databases (VPT). Target audience: Enterprise, Government, SMB. ePO integration: in progress.
- McAfee Database User IDentifier. Target audience: Enterprise, Government, SMB.

VULNERABILITY ASSESSMENT
McAfee Vulnerability Manager for Databases
McAfee Database Security Scanner

Where are the databases?
Knowledge about:
- Production databases
- Most important databases
- Enterprise databases
- HA databases
But do you know all of the other databases as well?
- Test databases
- Temporary databases
- Databases used during migrations or recovery
- Project databases
- Developer databases
- Databases coupled with an application
ALL of them can contain sensitive data!

Where are the databases?
The McAfee built-in Network Database Scanner helps you to look for all these databases.
Scanning the network:
- IP Address (Range/List)
- Database Listener Port (Default and other)
- SID
- Database Vendor
ALL of them can contain sensitive data!

About Vulnerability Manager for Databases
Over 4,300 vulnerability checks:
- Patch levels
- Weak passwords
- Configuration baselining
- Backdoor detection
- Sensitive data discovery (PII, SSN, etc.)
- Vulnerable PL/SQL code
- Unused features
- Custom checks

Best-in-class Vulnerability Assessment for DBs
- Built on deep practical security knowledge
  - Developed with Alexander Kornbrust of Red Database Security, one of the top authorities on database protection
  - Not simply based on DBMS vendors' "security guidelines"
- Provide practical remedy advice / solutions
  - Test and report on real issues (vs. lengthy unreadable reports)
  - Prioritized results include fix scripts and expert recommendations
- Enterprise Ready
  - Centralized reporting for up to thousands of db instances
  - Allow easy automation & integration with other products
  - Create different roles / outputs for dissimilar stakeholders (DBAs, developers, IT Security)

Test - Test Group - Scan
[Diagram: VA Scan, Test Group and Single Test. Test Group labels: AUDIT, Data Discovery, PATCH Information, ... (about 20), Custom. Single Test labels: ALTER USER not audited, SYSTEM has default password, ... (> 4,300), Custom Test.]

Vulnerability Scanner for Databases (v4.5)
[Architecture diagram. Labels: Cloud DB; Network Connectivity to Databases (SQL-Connect); ePO (4.6); multiple DBs.]

Database Browser screen shot

Management summary report Screen shot

Supported databases
- Oracle 8i and up
- MS SQL 2000 and up
- DB2 (LUW) 8.1 and up
- MySQL 4.0 and up
- PostgreSQL 8.3 and up
- Sybase ASE 12.5 and up
- SQL Azure

McAfee Database Activity Monitoring (DAM)
TRUSTED AUDIT AND REAL-TIME INTRUSION PREVENTION

Fundamental Principles
- Protection from the Inside Out
  - More effective
  - More efficient
  - Better fit with today's IT environment
- Lower Cost and Complexity of Implementation
  - Software-only solution
  - Easy to download, evaluate, and buy
- Fastest Time-to-Compliance
  - No Downtime!

Protect the Database Across ALL Threat Vectors
DATABASES CAN BE ACCESSED FROM THREE SOURCES:
1. From the network
2. From the host
3. From within the database (Intra-DB)
[Diagram labels: DB admins, sys admins, programmers; SAP; Local Connection; Network Connection; Bequeath; Listener; DBMS; Shared Memory; Data; Stored Proc.; Trigger; View; intra-db threats.]

McAfee DAM: Enterprise Deployment
[Deployment diagram. Labels: Sensors on the DBs (including a Cloud DB); Network; Alerts / Events; McAfee Database Security Server (software); ePO; Web-based Admin Console.]

Reaction in Real-time
Memory-based, Read-only Sensor is Close Enough to Intervene in Response to Threats
- Alerting via dashboard or other tools
- Session termination (via Native DB APIs)
- User quarantine
- Firewall update via OPSEC

Only Solution for Virtualization/Cloud
- Virtualization
  - Memory-based monitoring sees VM-to-VM traffic
  - Efficient local rules processing
  - Works well in a dynamic environment
- Cloud Computing
  - Distributed model functions well even in WAN environments
  - Automated provisioning and segregation of duties allows in-house monitoring of managed services
[Diagram: Cloud Computing Infrastructure with multiple DBs.]

Database Dashboard

Supported databases
- Oracle version 8.1.7 or later, running on Sun Solaris, IBM AIX, Linux, HP-UX, Microsoft Windows
- Teradata 12, 13, 13.1 and 14 on Linux
- MySQL 5.1 and 5.5 on Linux
- Microsoft SQL 2000, 2005, and 2008 on any supported Windows platform
- Sybase ASE 12.5 or later on all supported platforms
- IBM DB2 LUW 9.5 and 9.7
- IBM Mainframe / z/OS

McAfee Database Activity Monitoring
VIRTUAL PATCHING (vPatch)

Why Virtual Patching?
- Applying DBMS security patches is painful:
  - Requires extensive testing and db downtime
  - Often results in business disruption
- Sometimes it's near impossible:
  - 24/7/365 operations (one maintenance window per year)
  - Heavily customized applications
  - DBMS versions that are no longer supported by vendor (e.g. 8i)
  - Resources are limited
- Solution: Virtual Patching
  - Protects against known and zero-day vulnerabilities without any downtime or code changes until you can patch

Patch Cycle: Database Vendor Patch
Report -> Analyze -> Patch -> Install
- Time between Report and Install: Months or Years
- Patches are published on a monthly or quarterly basis
- Multiple security fixes are collected in a single patch
Steps:
- Report: Reporting a vulnerability to the DB vendor
- Analyze: Analyzing done by the DB vendor
- Patch: Providing security patch by the DB vendor
- Install: Installing the patch by the customer

Patch Cycle: Virtual Patching (by McAfee)
Report -> Analyze -> Patch -> Install
[Diagram: repeated R-A-P-I cycles.]
- Time between Report and Install: Days or Weeks
- vPatch updates are published whenever available
- Installing vPatch automatically or manually
- NO downtime of the Database
- 1 FIX = 1 vPatch rule
Steps:
- Report: Reporting a vulnerability to the McAfee Team
- Analyze: Analyzing done by the McAfee Team
- Patch: Providing vPatch Rule by the McAfee Team
- Install: Installing vPatch Rule by the customer (automatically/manually)

McAfee Database Security DEMO