sb-as logo
Story image

Trustwave brings database security scanning to the cloud

02 May 2019

Trustwave has announced a new database security scanning and testing software that helps organisations better protect critical data assets hosted on-site or by major cloud service providers from advanced threats, configuration errors, access control issues, unauthorised privilege escalation, missing patches and more.

“Databases are the proverbial ‘bank vaults’ cybercriminals aim to crack leveraging malware, zero-day vulnerabilities, savvy social engineering and other sophisticated means,” says Trustwave product management senior vice president C.J. Spallitta.

“As businesses continue expanding globally, obtain new assets through acquisitions and adopt mixed computing models to control costs, maintaining data visibility while keeping pace with an evolving threat landscape becomes a challenge.”

Trustwave DbProtect is a scalable comprehensive database security platform that delivers real-time visibility and protection to data housed across an organisation’s footprint no matter what environment or a mix of environments the data traverses or resides.

The software offers compliance management capabilities through constant monitoring for unusual data behaviours indicative of a breach or policy violations.

New features in Trustwave DbProtect include:    

  • Support for major cloud providers --Trustwave DbProtect allows customers to protect big data stores across (and in between) major cloud services including Amazon Web Services, Amazon Relational Database Service, Microsoft Azure, Google Cloud Platform, GovCloud, FedCloud and others supporting Windows Server. Organisations choosing to host operations entirely in the cloud benefit by eliminating the need to have a locally installed management console and backend database servers.
     
  • Powerful database discovery and agentless scanning --Trustwave DbProtect quickly discovers all databases and associated objects, users and enabled security features across an organisation’s entire footprint and chosen deployments including on-premises, hosted and hybrid cloud. An agentless scanning feature eliminates the need for scanner installation on each individual database in favour of a single scanning engine that can connect and administer vulnerability and rights management scans on thousands of databases simultaneously.
     
  • Cybersecurity risk and compliance infraction reduction --Trustwave DbProtect identifies data leakage, misconfigurations, access control issues, missing patches, unauthorised data modifications and other concerns that put organisations at risk for breaches and associated steep fines for non-compliance. Organisations can collect and correlate a forensic audit trail of all privileged database activities to meet regulatory obligations effectively.   
     
  • Real-time alerting for threats and policy violations -- Organisations gain a picture on the state of their data security and compliance efforts at any point in time. Once a baseline is established, Trustwave DbProtect continuously monitors for new threats and data policy violations alerting information technology and security teams. Detailed analysis and ranking depending on the severity of each instance are given allowing internal teams to prioritise and properly plan to take appropriate corrective actions.
     
  • Single dashboard view and reporting -- Trustwave DbProtect delivers a single consolidated view of threats, vulnerabilities, perceived risks and compliance endeavours across the entire data environment. Using analytics, database administrators can drill down for detailed views of each individual database or group of databases to run reports against an established baseline charting progress and operational efficiencies. 
Story image
Exploits on organisations doubling every two to three hours after news of Microsoft Exchange’s four zero-day vulnerabilities
The race has started between hackers and security professionals following the disclosure of vulnerabilities on Microsoft Exchange Servers, according to Check Point Research.More
Story image
Zscaler and CrowdStrike release integrations for end-to-end security
This collaboration between the two cloud-native security companies provides joint customers with adaptive, risk-based access control to private applications.More
Story image
Hybrid IAM solutions are the way of the future, study states
“As this first-of-its-kind research shows, while IT leaders are faced with unique criteria and conditions that shape their IT strategy, hybrid IAM has emerged as a necessity."More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More
Story image
Ransomware and Microsoft Exchange attacks surging 
There are global surges in ransomware attacks alongside increases in cyber attacks targeting Microsoft Exchange Server vulnerabilities, according to Check Point Research.More
Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More