Enterprise software giant Oracle has updated its Database Firewall product to help companies block both malicious insiders and SQL injection attacks from accessing sensitive data.
The new release of Oracle Database Firewall introduces support for MySQL Enterprise Edition and other reporting capabilities, Oracle said 9 January.
The database firewall protects MySQL databases from data breaches without requiring the administrator to make any changes to the database infrastructure or to the underlying operating system running the database, Vipin Samar, vice president of database security at Oracle, told eWEEK. Developers also won’t have to modify existing applications to take advantage of the SQL injection defence capabilities, he said.
“With new MySQL support, Oracle Database Firewall extends the combination of databases that organizations can secure across their enterprise,” said Samar.
The Oracle Database Firewall establishes a “defensive perimeter” around databases, which would help administrators address threats such as SQL injection attacks, according to Samar. SQL injection attacks are commonly used by attackers exploiting a vulnerability in Web applications to access and extract data from a database. It is often used by submitting a malicious query in a form in the application, such as a comment box, which tricks the database into executing the query.
The grammar-based analytical engine compares the SQL queries being submitted with the queries it knows are within the parameters of “normal application behaviour” to identify any anomalies, Samar said. When the application sends a suspicious SQL query to the database, the firewall can block the query entirely, substitute it with a harmless query for the database to execute or just log it, depending on the severity, said Samar. The firewall can also issue alerts to administrators when necessary.
If the application is designed to obtain records from the customer table in the database, any query trying to get data from another table is automatically suspicious and can be stopped, Roxana Bradescu, senior director of security product management at Oracle, told eWEEK. Malicious queries, such as one that orders the elimination of entire data tables can be automatically blocked, Bradescu said.
In a recent Independent Oracle Users Group survey, only 36 percent of respondents said that they have taken steps to ensure their applications are not susceptible to SQL injection attacks, according to Bradescu.
The firewall monitors application behaviour in real time to help prevent both SQL injection attacks as well as unauthorized attempts internally to access data, Samar said.
Oracle Database Firewall is also integrated with Oracle Advanced Security, which allows administrators to monitor all encrypted traffic going to the database for any potential threats.
The new reporting infrastructure in the firewall will help organisations address various regulatory compliance requirements, according to Samar. The new version has 10 new out-of-the-box reports specifically addressing privacy and regulatory mandates such as the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI) Data Security Standard (DSS) and Sarbanes Oxley. Oracle Business Intelligence Publisher customers can take advantage of all capabilities for authoring, managing and delivering highly formatted reports, the company said.
MySQL joined Oracle’s product portfolio when the database giant closed on its $7.4 billion (£4.8bn) deal for Sun Microsystems in January 2010. Sun originally acquired MySQL AB, the development team behind the open-source database, for approximately $1 billion (£645m) in 2008.
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…
Most people in the United States view TikTok as a Chinese influence tool a poll…
UK regulator confirms it is investigating whether OnlyFans is doing enough to prevent children accessing…
Dismissed staff file complaint with a US labor board, and allege Google unlawfully terminated their…
Elon Musk dismisses two senior Tesla executives, plus the entire division that runs Tesla's Supercharger…
View Comments
The Verizon Security Report(*) says, 92 % of compromised data came from database servers. That is why implementing end-point security is not enough. Security controls need to be closer to the assets being targeted by attackers.I think the "secret sauce" of the Oracle Database Firewall is, its SQL grammar parsing engine. It is designed in such a way that it can prevent SQL Injection attacks which account for more than 86 % of records stolen or compromised by hackers.