Database Security Articles
Application Security, Inc., a provider of database security, risk and compliance solutions, and NEON Enterprise Software, a provider of mainframe solutions, have announced a strategic alliance to deliver enterprise security solutions for monitoring database activity on the mainframe. The "compliance tidal wave" that has been hitting IT is now crashing on the mainframe, Josh Shaul, vice president product management, AppSec, tells 5 Minute Briefing. As open systems have succeeded in becoming "much more locked down," regulators are naturally expanding the breadth of their audits to include mainframes to ensure that proper controls are there as well, he explains. And while it is very hard to hack into mainframe systems, Shaul notes, for authorized users the potential for abuse exists on the mainframe in the same way as it does in distributed systems.
Posted January 24, 2011
Symantec Corp. has introduced two new appliances designed to provide customers with a more flexible delivery model for its data protection, storage management and security solutions. The Symantec FileStore N8300 is a scale-out, clustered network attached storage (NAS) appliance designed to help customers address the business challenges associated with building out cloud storage, managing large volumes of data and controlling the associated storage costs. The NetBackup 5200 appliance series helps customers expand their data protection infrastructure with an all-in-one hardware and software backup solution that integrates deduplication to reduce storage.
Posted January 24, 2011
3X Systems has released version 3.0 of its 500 and Tera Series remote backup appliances, capable of automatically backing up Microsoft Windows-based servers, workstations, and laptops over the internet to a central storage device that delivers data protection and disaster recovery capabilities. The new features in version 3.0 of the appliances provide more flexibility for users, Alan Arman, CEO, 3X, tells 5 Minute Briefing. "You utilize one console to back up your servers, your virtual environment, your laptops in the field, and back up remote offices, all managed under a policy-based back up. That saves administrators quite a bit of time."
Posted January 24, 2011
MicroStrategy Inc., a provider of business intelligence software, says that in benchmark tests of its latest software release, MicroStrategy 9.0.2, the software can support more than 100,000 active users while delivering average response times under two seconds. MicroStrategy's high performance and scalability tests consisted of a four-node clustered configuration of MicroStrategy Intelligence Server containing a total of 32 CPU cores, running on commodity Intel-based hardware with the Red Hat Linux ES operating system. A query volume of 560,000 round-trip queries per hour was sustained while supporting over 100,000 active users, which can be extrapolated to a total user population of 500,000 people, the vendor says.
Posted January 18, 2011
Application Security, Inc., a provider of database security, risk and compliance (SRC) solutions for the enterprise, and NEON Enterprise Software, a provider of solutions for mainframe customers, have announced a strategic alliance to deliver enterprise SRC solutions for monitoring database activity on the mainframe. The "compliance tidal wave" that has been hitting IT is now crashing on the mainframe, Josh Shaul, vice president product management, AppSec, tells 5 Minute Briefing. As open systems have succeeded in becoming "much more locked down," regulators are naturally expanding the breadth of their audits to include the mainframes to ensure that proper controls are there as well, he explains. And while it is very hard to hack into mainframe systems, Shaul notes, for authorized users the potential for abuse that exists on the mainframe is the same as in distributed systems.
Posted January 18, 2011
Sentrigo, Inc., a provider of database security and data protection solutions for the data center and the cloud, today announced version 4.1 of its Hedgehog Enterprise database security suite, a fully integrated database activity monitoring and vulnerability assessment solution for enterprise organizations. The suite now provides additional platform support of Sybase and MySQL databases in Hedgehog DBscanner - the enterprise-class vulnerability assessment and security scanning solution the company introduced in September, 2010. As part of v4.1, Hedgehog DBscanner now conducts checks for nearly 4,000 potential weaknesses, including tests for operating system-level configuration aimed at identifying potential vulnerabilities that stem from the installation and setup of the database management systems, and not necessarily from the DBMS software itself. These OS-level checks further automate the process of achieving compliance for key security benchmarks.
Posted January 11, 2011
When designing a system an architect must conform to all three corners of the CIA (Confidentiality, Integrity and Accessibility) triangle. System requirements for data confidentiality are driven not only by business rules but also by legal and compliance requirements. As such, the data confidentiality (when required) must be preserved at any cost and irrespective of performance, availability or any other implications. Integrity and Accessibility, the other two sides of triangle, may have some flexibility in design.
Posted January 07, 2011
As security threats increase and become more sophisticated, organizations face pressure to implement strong processes and technology solutions to ensure compliance and the safety of critical assets. The risks associated with a data breach can be devastating, regardless of whether it is due to a simple mistake, or a stolen end-point device such as a laptop. The impact goes beyond fines and lost revenue, to negatively impacting an organization's brand identity and equity, or jeopardizing customers' trust. Providing greater clarity, as well as aligning with industry changes and best practices, Version 2.0 of the PCI DSS standard went into effect earlier this month.
Posted January 07, 2011
Sentrigo, Inc., a provider of database security and data protection solutions for the data center and the cloud, said it has secured $6 million in a Series C funding round. The round included participation from existing investors Benchmark Capital and Stata Venture Partners, as well as a new strategic investment from Juniper Networks, through the Junos Innovation Fund. The financing will allow Sentrigo to increase global sales and marketing activities in support of its rapid revenue growth rate, as well as to continue expanding its database security and data integrity solutions for the cloud.
Posted December 21, 2010
A new software and analysis solution from IBM is intended to provide a more efficient and accurate way to help organizations design, build and manage secure applications. The new software, based on enhancements to the IBM Rational AppScan line, consolidates software vulnerability analysis and reporting into a single view across the enterprise. Developers can now assess security threats across the entire software development lifecycle, enabling global development teams to more readily identify and test security exposures.
Posted December 14, 2010
INNOVATION Data Processing, a mainframe data management provider, announced it is working with EMC, a storage solutions provider, to offer joint solutions for IBM's new zEnterprise mainframe, together with EMC Symmetrix multi-platform access from System z (i.e., z/SOS for Symmetrix). INNOVATION announced two new solutions, FDRSOS V5.4.75 and SOSINSTANT, to support enterprise backup of open systems onto a mainframe and EMC platform.
Posted December 13, 2010
IBM announced a new software and analysis solution intended to provide a more efficient and accurate way to help organizations design, build and manage secure applications. The new software, based on enhancements to the IBM Rational AppScan line, consolidates software vulnerability analysis and reporting into a single view across the enterprise. Developers can now assess security threats across the entire software development lifecycle, enabling global development teams to more readily identify and test security exposures.
Posted December 13, 2010
TwinStrata, Inc., a provider of data protection and iSCSI cloud storage solutions, has integrated Scality's RING storage platform into its family of CloudArray virtual and physical appliances. With the addition of Scality integration, CloudArray customers can now choose and deploy either a private cloud environment or connect with available public cloud providers powered by Scality RING, and receive off-site data protection and disaster recovery capabilities on a plug-and-play basis.
Posted December 13, 2010
eIQnetworks, Inc., a provider of unified situational awareness solutions, announced the launch of ForensicVue, a real-time forensic search engine designed to provide enterprise security analysts with the ability to search every piece of security data on their network. ForensicVue is offered as a component of SecureVue, the vendor's situational awareness platform, and is intended to help organizations rapidly get to the root cause of incidents.
Posted December 07, 2010
The IOUG has completed a number of ground-breaking studies in 2010 through the IOUG ResearchWire program. Conducted among IOUG members by Unisphere Research, 2010 IOUG ResearchWire Executive Summaries are available to all on the IOUG website.
Posted December 01, 2010
Fifty percent of enterprises are now using open source databases in a production environment, according to Forrester Research.This is a multi-digit jump from data available just a few years ago. And this isn't just one or two particular business verticals either; just about every sector of the economy is deploying open source databases in production now. Moreover, Forrester predicts that by 2014, 75% of all businesses will be using open source databases to power their key applications.
Posted November 30, 2010
These days, many companies recognize that there are severe repercussions to ignoring or undervaluing data security, and a sizable segment of organizations-at least one-third in many cases-have been taking additional measures to bolster their data security.
Posted November 30, 2010
The year 2010 brought many new challenges and opportunities to data managers' jobs everywhere. Companies, still recovering from a savage recession, increasingly turned to the power of analytics to turn data stores into actionable insights, and hopefully gain an edge over less data-savvy competitors. At the same time, data managers and administrators alike found themselves tasked with managing and maintaining the integrity of rapidly multiplying volumes of data, often presented in a dizzying array of formats and structures. New tools and approaches were sought; and the market churning with promising new offerings embracing virtualization, consolidation and information lifecycle management. Where will this lead in the year ahead? Can we expect an acceleration of these initiatives and more? DBTA looked at new industry research, and spoke with leading experts in the data management space, to identify the top trends for 2011.
Posted November 30, 2010
Vanguard Integrity Professionals, a provider of enterprise security software for mainframes, has announced the general availability of Vanguard Configuration Manager, new software that aims to reduce the cost and time required to test mainframe systems to assess their accordance with the Defense Information Systems Agency Security Technical Implementation Guides (DISA STIGs). According to Vanguard, its new configuration management software is the only fully automated baseline configuration scanner for mainframe DISA STIGs today.
Posted November 29, 2010
Sentrigo, Inc., a database security software provider, has announced the latest version of its database vulnerability assessment and security scanning software solution. The new release, Repscan 4.0, available with more flexible pricing options, offers expanded support for cloud-based and open source database platforms, productivity enhancements for database administrators (DBAs), and added management capabilities.
Posted November 23, 2010
Attachmate Corporation and Novell, Inc. yesterday announced the signing of a definitive agreement for Attachmate to acquire Novell for a purchase price of $6.10 per common share in cash, in a transaction valued at approximately $2.2 billion.
Posted November 23, 2010
Oracle has unveiled Oracle Tutor 14, the latest version of its process documentation tool. Oracle Tutor is a single, user-friendly repository for documenting and sharing business processes that streamlines training, facilitates information sharing and improves document consistency by enabling organizations to easily create, deploy and maintain enterprise policies and procedures.
Posted November 17, 2010
Sentrigo, Inc., a provider of database security software, has announced that Sentrigo Hedgehog Enterprise and vPatch solutions are now available on Amazon Elastic Compute Cloud (Amazon EC2) for database audit, protection and breach prevention. Sentrigo's database compliance and security solutions allow organizations to more easily run applications subject to PCI-DSS, HIPAA, SEC regulations and more on Amazon EC2.
Posted November 17, 2010
White Sands Technology, a provider of multi-platform database tools headquartered in Canoga Park, Calif. with offices located in the UK and Finland, has announced the upcoming release of three ProActive DBA products for Sybase Replication Server DBAs. General release of these new products will be in Q1 2011. The three products include ProActive DBA TimeLine 24x7, ProActive DBA SQL Capture for Sybase RepServer, and ProActive DBA Login Capture for Sybase RepServer.
Posted November 17, 2010
Attunity Ltd., a provider of real-time data integration and event capture software, announced major enhancements to its CDC Suite for SSIS, providing a comprehensive solution for replicating data in real-time across a wide range of heterogeneous data sources at an affordable price point. The product suite is used by customers worldwide to enable real-time business intelligence (BI) and designed to improve business operations and reduce costs.
Posted November 16, 2010
The Professional Association for SQL Server (PASS) held the annual PASS Summit last week drawing 2,814 delegates and 993 pre/post-conference attendees for a total of 3,807 registrations. It is the largest turnout since the inception of the conference, and represents a 25% increase in attendance over 2009. The SQL Server community is growing "and we are very much a part of that community," Rick Heiges, vice president of marketing, PASS, told 5 Minute Briefing. The record conference attendance was not a surprise, he added. "Last year, our numbers were down about 10% but that was actually fantastic because a lot of other shows were down as much as 50%. We knew that we had a strong base to build upon. We saw signs of the economy coming back so when we started to budget for this year we had a good feeling that we would be able to have record attendance because our community is just so passionate about being here and getting together each and every year."
Posted November 16, 2010
EMC Corporation last week announced it has acquired Bedford, Massachusetts-based Bus-Tech, Inc., and today also announced it has signed a definitive agreement under which it will acquire Isilon Systems, Inc. Bus-Tech is a privately held provider of VTL (Virtual Tape Library) solutions that utilize open systems disk storage to store and retrieve mainframe tape data. Bus-Tech products enhance EMC solutions for mainframe batch processing, backup and recovery, disaster recovery, and data archiving applications. Isilon Systems is a fast-growing "Scale-out NAS" (network attached storage) systems company, based in Seattle, Washington.
Posted November 15, 2010
HP has announced the next version of its HP SOA Systinet governance platform, which adds new features such as personalized user experience, user-defined repository partitions, and multi-level application visualization capabilities. SOA Systinet 4.0 also adds support for multiple application components.
Posted November 15, 2010
Raytheon, a provider of Infrastructure security solutions, announced it has acquired Trusted Computer Solutions (TCS), a privately held company that delivers a portfolio of cross-domain, operating system and network security solutions.
Posted November 15, 2010
Application Security, Inc.(AppSec), a provider of database security, risk and compliance solutions (SRC) for the enterprise, and Unisphere Research have announced a new database security report, "Data in the Dark: Organizational Disconnect Hampers Information Security." The report, based on research conducted among 761 members of the Professional Association for SQL Server (PASS), reveals that companies suffer from a false sense of security.
Posted November 09, 2010
At InformaticaWorld last week, Informatica announced the general availability of the latest release of its master data management (MDM) product, Informatica 9 MDM.
Posted November 09, 2010
Oracle has announced the StorageTek Virtual Library Extension (VLE), one of the industry's first highly scalable second tiers of disk storage that optimizes tape processing in mainframe environments. Oracle says the new offering delivers two times the disk scalability to boost performance and accommodate growing workloads, along with five times the availability of current mainframe tape solutions.
Posted November 03, 2010
Quest Software, Inc. has announced new initiatives around SharePlex for Oracle, its Oracle data replication solution, in order to put real-time replication within reach of organizations with small IT departments and tight budgets.
Posted November 03, 2010
Sentrigo, Inc., a provider of database security software, has announced that Sentrigo Hedgehog Enterprise and vPatch solutions are now available on Amazon Elastic Compute Cloud (Amazon EC2) for database audit, protection and breach prevention. Sentrigo's database compliance and security solutions allow organizations to more easily run applications subject to PCI-DSS, HIPAA, SEC regulations and more on Amazon EC2.
Posted November 03, 2010
The Pythian Group, Inc., a provider of remote database infrastructure services, has announced it has achieved four specializations under the OPN (Oracle PartnerNetwork) Specialized Program. Already a Platinum member of the OPN, Pythian has met a series of demanding technical and business requirements to earn the specializations in Oracle Database 11g, Real Application Clusters (RAC), Database Performance Tuning, and Oracle Linux. The specialized status serves as an indicator to both Oracle customers and to the Oracle team that Pythian is "a preferred go-to partner that they can engage" when facing complex problems.
Posted October 19, 2010
OpenTech Systems, Inc., a provider of tape copying, migration and disaster recovery solutions for IBM z/OS-centric data centers, announced a new release of its flagship tape copy product that includes object access method (OAM) support, along with the ability allocate data to underutilized tapes.
Posted October 18, 2010
PKWARE, Inc., a provider of data security and compression software, introduced products that extend the functionality of PKZIP and SecureZIP for Linux to mainframe environments. The new release of PKZIP and SecureZIP products for Linux on the System z operating platform supports file management and data compression on mainframes.
Posted October 18, 2010
Trusted Computer Solutions (TCS), a developer of cross-domain, operating system and network security solutions, has announced that it has partnered with Vicom Infinity, an IBM Premier Business Partner System z reseller, to offer TCS' automated operating system hardening tool to customers across all industries, especially finance and insurance, throughout North America, Canada and Australia. Security Blanket will enable Vicom Infinity mainframe users to assess Linux VMs and identify security vulnerabilities using pre-defined industry or customized security guidelines, and automatically configure the Linux VMs to a hardened state.
Posted October 13, 2010
PKWARE, Inc., a provider of data-centric security and compression software, has introduced its PKZIP and SecureZIP products for Linux on the System z operating platform.
Posted October 13, 2010
Cloud computing offers the promise of greater agility, resource optimization, and user performance, yet many businesses are understandably leery about jumping onto the cloud bandwagon until they have assurances that hosted resources will be secure. In fact, security concerns are the main obstacle to widespread cloud computing adoption among enterprises today. Before taking advantage of these capabilities, businesses need to assure users they have a simple way to access all their applications, and trust that their information is secure in the cloud.
Posted October 12, 2010
IBM is offering new software that helps businesses protect customer data and other sensitive information from security breaches. The new software, which supports both System z and SAP implementations, automatically monitors structured data and application usage across the enterprise and immediately alerts management to unusual activity.
Posted September 22, 2010
Sentrigo, Inc., a provider of database security software, has announced the availability of an integrated database activity monitoring and vulnerability assessment solution. Hedgehog Enterprise v4.0 provides a database activity monitoring and intrusion prevention platform combined with new capabilities to find, scan and validate databases containing sensitive information on a network to meet regulatory standards.
Posted September 21, 2010
Application Security, Inc., a provider of database security, risk and compliance (SRC) solutions for the enterprise, has announced the addition of Rights Management to its flagship enterprise platform, DbProtect. Determining who has rights to what data can be a laborious task and it is something that many organizations avoid because they think the task is impossible to complete, Josh Shaul, vice president of product management, AppSec, tells 5 Minute Briefing. "We realized we could solve the problem very effectively with software." The new Rights Management module allows information security analysts, business managers, and database administrators (DBAs) to automate user entitlement reviews in enterprise database environments, and also enables organizations to meet compliance regulations mandating the implementation of strong access control measures, such as those required by the Payment Card Industry - Data Security Standard (PCI-DSS.)
Posted September 21, 2010
EnterpriseDB, which provides products, services, support and training based on the PostgreSQL open source database project, has announced support for the newly released PostgreSQL 9.0 open source relational database. PostgreSQL 9.0 includes more than a dozen major improvements that enhance every aspect of database application design and performance, including built-in replication and hot standby capabilities that give PostgreSQL 9.0 the high availability required for the "scale out" and failover architectures that characterize cloud computing and other demanding application environments, as well as 64-bit Windows support. The new release also that simplifies major upgrades by removing the need for the "dump/load data" procedure required in prior versions and instead performs an in-place upgrade, which is much easier and faster.
Posted September 21, 2010
IBM today announced its intention to acquire Netezza, a publicly held company based in Marlborough, Mass., in a cash transaction at a price of $27 per share or at a net price of approximately $1.7 billion, after adjusting for cash. Business analytics is one of the fastest growing segments in the IT industry, observed Arvind Krishna, general manager of IBM's Software Group's Information Management business, during an IBM press teleconference to discuss the significance of the planned acquisition. By bringing the simplicity, ease of deployment, and speed of Netezza to IBM, the acquisition will help IBM accelerate its initiatives "to bring analytics to the masses," added Jim Baum, president and CEO of Netezza. The transaction, which is subject to Netezza shareholder approval, regulatory clearances and other customary closing conditions, is expected to close in the fourth quarter of 2010.
Posted September 20, 2010
Symantec Corp. announced the availability of Symantec Enterprise Vault 9.0 and Enterprise Vault Discovery Collector, technology to help organizations store, manage and discover information across the enterprise. The vendor also announced NetBackup 5000 deduplication appliance and cloud storage for NetBackup and Backup Exec to help organizations reduce their data storage footprints and more effectively leverage cloud-based data storage services.
Posted September 20, 2010
Sentrigo, Inc., a provider of database security software, has announced the availability of an integrated database activity monitoring and vulnerability assessment solution. Hedgehog Enterprise v4.0 provides a database activity monitoring and intrusion prevention platform combined with new capabilities to find, scan and validate databases containing sensitive information on a network to meet regulatory standards.
Posted September 15, 2010
The survey was conducted in May 2010 by Unisphere Research, a division of Information Today, Inc., and was sponsored by Oracle Corporation. Prior to this survey, a study of the IOUG members' information security practices was first conducted by Unisphere Research in 2008, and then again in 2009. While most respondents to the 2010 survey say they are increasing their investments in security and putting in place measures to protect their information, many also feel that these safeguards are not sufficient, according to the research. Among other troubling findings from the 2010 survey, is that close to two out of five respondents' organization ship live production data out to development teams and outside parties, yet more than one-third admit that the data is unprotected or that they simply don't know if it is protected. In many cases that data consists of sensitive or confidential information.
Posted September 14, 2010
MarkLogic Corporation has announced that MarkLogic Server has earned Common Criteria Certification from an unbiased independent evaluator. MarkLogic Server has been validated in accordance with the provisions of the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS) for IT Security, an IT security certification program.
Posted September 07, 2010
Informative Graphics Corporation, a provider of viewing, collaboration and redaction technology, announced the release of Redact-It for IBM eDiscovery Manager. IBM's eDiscovery software provides a strategic, in-house approach to more efficiently address discovery, privacy and retention requirements. Integrated with IBM eDiscovery Manager, Redact-It performs automated redaction on documents during the export phase, enabling organizations to process large volumes of documents in-house.
Posted August 31, 2010