Channel : Database Security
Application Security, Inc., a provider of database security, risk and compliance (SRC) solutions for the enterprise, and NEON Enterprise Software, a provider of solutions for mainframe customers, have announced a strategic alliance to deliver enterprise SRC solutions for monitoring database activity on the mainframe. The "compliance tidal wave" that has been hitting IT is now crashing on the mainframe, Josh Shaul, vice president product management, AppSec, tells 5 Minute Briefing. As open systems have succeeded in becoming "much more locked down," regulators are naturally expanding the breadth of their audits to include the mainframes to ensure that proper controls are there as well, he explains. And while it is very hard to hack into mainframe systems, Shaul notes, for authorized users the potential for abuse that exists on the mainframe is the same as in distributed systems.
Rapid patch deployment translates to increased security, compliance, and improved database operation, but the reality is that patch deployments are often delayed by weeks, months, or even years due to a range of factors. Join a live webcast on Thursday, January 20 at 11 am PT / 2 pm ET to learn about how to overcome gaps in database patch deployment.
Sentrigo, Inc., a provider of database security and data protection solutions for the data center and the cloud, today announced version 4.1 of its Hedgehog Enterprise database security suite, a fully integrated database activity monitoring and vulnerability assessment solution for enterprise organizations. The suite now provides additional platform support of Sybase and MySQL databases in Hedgehog DBscanner - the enterprise-class vulnerability assessment and security scanning solution the company introduced in September, 2010. As part of v4.1, Hedgehog DBscanner now conducts checks for nearly 4,000 potential weaknesses, including tests for operating system-level configuration aimed at identifying potential vulnerabilities that stem from the installation and setup of the database management systems, and not necessarily from the DBMS software itself. These OS-level checks further automate the process of achieving compliance for key security benchmarks.
While it is already commonly known that rapid patch deployment translates to increased security, compliance, and improved database operation, the reality is that patch deployments are often delayed by weeks, months, or even years due to a range of factors. A live webcast on overcoming gaps in database patch deployment will be presented by former Citicorp CISO Mike Stiglianese and Sentrigo vice president of marketing Andy Feit, and hosted by Tom Wilson, president of DBTA and Unisphere Research.
When designing a system an architect must conform to all three corners of the CIA (Confidentiality, Integrity and Accessibility) triangle. System requirements for data confidentiality are driven not only by business rules but also by legal and compliance requirements. As such, the data confidentiality (when required) must be preserved at any cost and irrespective of performance, availability or any other implications. Integrity and Accessibility, the other two sides of triangle, may have some flexibility in design.
As security threats increase and become more sophisticated, organizations face pressure to implement strong processes and technology solutions to ensure compliance and the safety of critical assets. The risks associated with a data breach can be devastating, regardless of whether it is due to a simple mistake, or a stolen end-point device such as a laptop. The impact goes beyond fines and lost revenue, to negatively impacting an organization's brand identity and equity, or jeopardizing customers' trust. Providing greater clarity, as well as aligning with industry changes and best practices, Version 2.0 of the PCI DSS standard went into effect earlier this month.
Sentrigo, Inc., a provider of database security and data protection solutions for the data center and the cloud, said it has secured $6 million in a Series C funding round. The round included participation from existing investors Benchmark Capital and Stata Venture Partners, as well as a new strategic investment from Juniper Networks, through the Junos Innovation Fund. The financing will allow Sentrigo to increase global sales and marketing activities in support of its rapid revenue growth rate, as well as to continue expanding its database security and data integrity solutions for the cloud.
A new software and analysis solution from IBM is intended to provide a more efficient and accurate way to help organizations design, build and manage secure applications. The new software, based on enhancements to the IBM Rational AppScan line, consolidates software vulnerability analysis and reporting into a single view across the enterprise. Developers can now assess security threats across the entire software development lifecycle, enabling global development teams to more readily identify and test security exposures.
INNOVATION Data Processing, a mainframe data management provider, announced it is working with EMC, a storage solutions provider, to offer joint solutions for IBM's new zEnterprise mainframe, together with EMC Symmetrix multi-platform access from System z (i.e., z/SOS for Symmetrix). INNOVATION announced two new solutions, FDRSOS V5.4.75 and SOSINSTANT, to support enterprise backup of open systems onto a mainframe and EMC platform.
IBM announced a new software and analysis solution intended to provide a more efficient and accurate way to help organizations design, build and manage secure applications. The new software, based on enhancements to the IBM Rational AppScan line, consolidates software vulnerability analysis and reporting into a single view across the enterprise. Developers can now assess security threats across the entire software development lifecycle, enabling global development teams to more readily identify and test security exposures.
TwinStrata, Inc., a provider of data protection and iSCSI cloud storage solutions, has integrated Scality's RING storage platform into its family of CloudArray virtual and physical appliances. With the addition of Scality integration, CloudArray customers can now choose and deploy either a private cloud environment or connect with available public cloud providers powered by Scality RING, and receive off-site data protection and disaster recovery capabilities on a plug-and-play basis.
eIQnetworks, Inc., a provider of unified situational awareness solutions, announced the launch of ForensicVue, a real-time forensic search engine designed to provide enterprise security analysts with the ability to search every piece of security data on their network. ForensicVue is offered as a component of SecureVue, the vendor's situational awareness platform, and is intended to help organizations rapidly get to the root cause of incidents.
If you've been following news reports about the ongoing WikiLeaks saga, you've no doubt noticed that it is a trusted insider, an army intelligence analyst, who is believed to be responsible for downloading the sensitive documents and handing them over to WikiLeaks. Too often it seems, threats to data security from far outside the firewall are overemphasized, while risks that exist due to routine practices such as the shipment of live production data to development teams and outside parties, or insufficient monitoring of data access by insiders may actually be more likely to cause an organization problems.
The IOUG has completed a number of ground-breaking studies in 2010 through the IOUG ResearchWire program. Conducted among IOUG members by Unisphere Research, 2010 IOUG ResearchWire Executive Summaries are available to all on the IOUG website.
Fifty percent of enterprises are now using open source databases in a production environment, according to Forrester Research.This is a multi-digit jump from data available just a few years ago. And this isn't just one or two particular business verticals either; just about every sector of the economy is deploying open source databases in production now. Moreover, Forrester predicts that by 2014, 75% of all businesses will be using open source databases to power their key applications.
These days, many companies recognize that there are severe repercussions to ignoring or undervaluing data security, and a sizable segment of organizations-at least one-third in many cases-have been taking additional measures to bolster their data security.
The year 2010 brought many new challenges and opportunities to data managers' jobs everywhere. Companies, still recovering from a savage recession, increasingly turned to the power of analytics to turn data stores into actionable insights, and hopefully gain an edge over less data-savvy competitors. At the same time, data managers and administrators alike found themselves tasked with managing and maintaining the integrity of rapidly multiplying volumes of data, often presented in a dizzying array of formats and structures. New tools and approaches were sought; and the market churning with promising new offerings embracing virtualization, consolidation and information lifecycle management. Where will this lead in the year ahead? Can we expect an acceleration of these initiatives and more? DBTA looked at new industry research, and spoke with leading experts in the data management space, to identify the top trends for 2011.
Vanguard Integrity Professionals, a provider of enterprise security software for mainframes, has announced the general availability of Vanguard Configuration Manager, new software that aims to reduce the cost and time required to test mainframe systems to assess their accordance with the Defense Information Systems Agency Security Technical Implementation Guides (DISA STIGs). According to Vanguard, its new configuration management software is the only fully automated baseline configuration scanner for mainframe DISA STIGs today.
Sentrigo, Inc., a database security software provider, has announced the latest version of its database vulnerability assessment and security scanning software solution. The new release, Repscan 4.0, available with more flexible pricing options, offers expanded support for cloud-based and open source database platforms, productivity enhancements for database administrators (DBAs), and added management capabilities.
Attachmate Corporation and Novell, Inc. yesterday announced the signing of a definitive agreement for Attachmate to acquire Novell for a purchase price of $6.10 per common share in cash, in a transaction valued at approximately $2.2 billion.
Oracle has unveiled Oracle Tutor 14, the latest version of its process documentation tool. Oracle Tutor is a single, user-friendly repository for documenting and sharing business processes that streamlines training, facilitates information sharing and improves document consistency by enabling organizations to easily create, deploy and maintain enterprise policies and procedures.
Sentrigo, Inc., a provider of database security software, has announced that Sentrigo Hedgehog Enterprise and vPatch solutions are now available on Amazon Elastic Compute Cloud (Amazon EC2) for database audit, protection and breach prevention. Sentrigo's database compliance and security solutions allow organizations to more easily run applications subject to PCI-DSS, HIPAA, SEC regulations and more on Amazon EC2.
White Sands Technology, a provider of multi-platform database tools headquartered in Canoga Park, Calif. with offices located in the UK and Finland, has announced the upcoming release of three ProActive DBA products for Sybase Replication Server DBAs. General release of these new products will be in Q1 2011. The three products include ProActive DBA TimeLine 24x7, ProActive DBA SQL Capture for Sybase RepServer, and ProActive DBA Login Capture for Sybase RepServer.
Attunity Ltd., a provider of real-time data integration and event capture software, announced major enhancements to its CDC Suite for SSIS, providing a comprehensive solution for replicating data in real-time across a wide range of heterogeneous data sources at an affordable price point. The product suite is used by customers worldwide to enable real-time business intelligence (BI) and designed to improve business operations and reduce costs.
The Professional Association for SQL Server (PASS) held the annual PASS Summit last week drawing 2,814 delegates and 993 pre/post-conference attendees for a total of 3,807 registrations. It is the largest turnout since the inception of the conference, and represents a 25% increase in attendance over 2009. The SQL Server community is growing "and we are very much a part of that community," Rick Heiges, vice president of marketing, PASS, told 5 Minute Briefing. The record conference attendance was not a surprise, he added. "Last year, our numbers were down about 10% but that was actually fantastic because a lot of other shows were down as much as 50%. We knew that we had a strong base to build upon. We saw signs of the economy coming back so when we started to budget for this year we had a good feeling that we would be able to have record attendance because our community is just so passionate about being here and getting together each and every year."
EMC Corporation last week announced it has acquired Bedford, Massachusetts-based Bus-Tech, Inc., and today also announced it has signed a definitive agreement under which it will acquire Isilon Systems, Inc. Bus-Tech is a privately held provider of VTL (Virtual Tape Library) solutions that utilize open systems disk storage to store and retrieve mainframe tape data. Bus-Tech products enhance EMC solutions for mainframe batch processing, backup and recovery, disaster recovery, and data archiving applications. Isilon Systems is a fast-growing "Scale-out NAS" (network attached storage) systems company, based in Seattle, Washington.
HP has announced the next version of its HP SOA Systinet governance platform, which adds new features such as personalized user experience, user-defined repository partitions, and multi-level application visualization capabilities. SOA Systinet 4.0 also adds support for multiple application components.
Raytheon, a provider of Infrastructure security solutions, announced it has acquired Trusted Computer Solutions (TCS), a privately held company that delivers a portfolio of cross-domain, operating system and network security solutions.
Application Security, Inc.(AppSec), a provider of database security, risk and compliance solutions (SRC) for the enterprise, and Unisphere Research have announced a new database security report, "Data in the Dark: Organizational Disconnect Hampers Information Security." The report, based on research conducted among 761 members of the Professional Association for SQL Server (PASS), reveals that companies suffer from a false sense of security.